Disk Quotas
Implementing Disk Quotas
In addition to monitoring the disk space used on a system, disk space can be restricted by implementing disk quotas so that the system administrator is alerted before a user consumes too much disk space or a partition becomes full.
Disk quotas can be configured for individual users as well as user groups. This kind of flexibility makes it possible to give each user a small quota to handle "personal" file (such as email and reports), while allowing the projects they work on to have more sizable quotas (assuming the projects are given their own groups).
In addition, quotas can be set not just to control the number of disk blocks consumed but to control the number of inodes. Because inodes are used to contain file-related information, this allows control over the number of files that can be created.
The quota RPM must be installed to implement disk quotas.
Configuring Disk Quotas
To implement disk quotas, use the following steps:
- Enable quotas per file system by modifying /etc/fstab"
- Remount the file system(s)
- Create the quota files and generate the disk usage table
- Assign quotas
Enabling Quotas
As root, using the text editor of your choice, add the usrquota and/or grpquota options to the file systems that require quotas:
LABEL=/ / ext3 defaults 1 1 LABEL=/boot /boot ext3 defaults 1 2 none /dev/pts devpts gid=5,mode=620 0 0 LABEL=/home /home ext3 defaults,usrquota,grpquota 1 2 none /proc proc defaults 0 0 none /dev/shm tmpfs defaults 0 0 /dev/hda2 swap swap defaults 0 0 /dev/cdrom /mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0 /dev/fd0 /mnt/floppy auto noauto,owner,kudzu 0 0
In this example, the /home file system has both user and group quotas enabled.
Remounting the File Systems
After adding the userquota and grpquota options, remount each file system whose fstab entry has been modified. If the file system is not in use by any process, use the umount command followed by the mount to remount the file system. If the file system is currently in use, the easiest method for remounting the file system is to reboot the system.
Creating Quota Files
After each quota-enabled file system is remounted, the system is now capable of working with disk quotas. However, the file system itself is not yet ready to support quotas. The next step is to run the quotacheck command.
The quotacheck command examines quota-enabled file systems and builds a table of the current disk usage per file system. The table is then used to update the operating system's copy of disk usage. In addition, the file system's disk quota files are updated.
To create the quota files ( aquota.user and aquota.group) on the file system, use the -c option of the quotacheck command. For example, if user and group quotas are enabled for the /home partition, create the files in the /home directory:
quotacheck -acug /home
The -a option means that all mounted non-NFS file systems in /etc/mtab are checked to see if quotas are enabled. The -c option specifies that the quota files should be created for each file system with quotas enabled, the -u specifies to check for user quotas, and the -g option specifies to check for group quotas.
If neither the -u or -g options are specified, only the user quota file is created. If only -g is specified, only the group quota file is created.
After the files are created, run the following command to generate the table of current disk usage per file system with quotas enabled:
quotacheck -avug
The options used are as follows:
- a — Check all quota-enabled, locally-mounted file systems
- v — Display verbose status information as the quota check proceeds
- u — Check user disk quota information
- g — Check group disk quota information
After quotacheck has finished running, the quota files corresponding to the enabled quotas (user and/or group) are populated with data for each quota-enabled file system such as /home.
Assigning Quotas per User
The last step is assigning the disk quotas with the edquota command.
To configure the quota for a user, as root in a shell prompt, execute the command:
edquota username
Perform this step for each user for which you want to implement a quota. For example, if a quota is enabled in /etc/fstab for the /home partition ( /dev/hda3) and the command edquota testuser is executed, the following is shown in the editor configured as the default for the system:
Disk quotas for user testuser (uid 501): Filesystem blocks soft hard inodes soft hard /dev/hda3 440436 0 0 37418 0 0
The text editor defined by the EDITOR environment variable is used by edquota. To change the editor, set the EDITOR environment variable to the full path of the editor of your choice.
The first column is the name of the file system that has a quota enabled for it. The second column shows how many blocks the user is currently using. The next two columns are used to set soft and hard block limits for the user on the file system. The inodes column shows how many inodes the user is currently using. The last two columns are used to set the soft and hard inode limits for the user on the file system.
A hard limit is the absolute maximum amount of disk space that a user or group can use. Once this limit is reached, no further disk space can be used.
The soft limit defines the maximum amount of disk space that can be used. However, unlike the hard limit, the soft limit can be exceeded for a certain amount of time. That time is known as the grace period. The grace period can be expressed in seconds, minutes, hours, days, weeks, or months.
If any of the values are set to 0, that limit is not set. In the text editor, change the desired limits. For example:
Disk quotas for user testuser (uid 501): Filesystem blocks soft hard inodes soft hard /dev/hda3 440436 500000 550000 37418 0 0
To verify that the quota for the user has been set, use the command:
quota testuser
Assigning Quotas per Group
Quotas can also be assigned on a per-group basis. For example, to set a group quota for the devel group, use the command (the group must exist prior to setting the group quota):
edquota -g devel
This command displays the existing quota for the group in the text editor:
Disk quotas for group devel (gid 505): Filesystem blocks soft hard inodes soft hard /dev/hda3 440400 0 0 37418 0 0
Modify the limits, save the file, and then configure the quota.
To verify that the group quota has been set, use the command:
quota -g devel
Assigning Quotas per File System
To assign quotas based on each file system enabled for quotas, use the command:
edquota -t
Like the other edquota commands, this one opens the current quotas for the file system in the text editor:
Grace period before enforcing soft limits for users: Time units may be: days, hours, minutes, or seconds Filesystem Block grace period Inode grace period /dev/hda3 7days 7days
Change the block grace period or inode grace period, save the changes to the file, and exit the text editor.
Managing Disk Quotas
If quotas are implemented, they need some maintenance — mostly in the form of watching to see if the quotas are exceeded and making sure the quotas are accurate. Of course, if users repeatedly exceeds their quotas or consistently reaches their soft limits, a system administrator has a few choices to make depending on what type of users they are and how much disk space impacts their work. The administrator can either help the user determine how to use less disk space or increase the user's disk quota if needed.
Reporting on Disk Quotas
Creating a disk usage report entails running the repquota utility. For example, the command repquota /home produces this output:
*** Report for user quotas on device /dev/hda3
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 36 0 0 4 0 0
tfox -- 540 0 0 125 0 0
testuser -- 440400 500000 550000 37418 0 0
To view the disk usage report for all quota-enabled file systems, use the command:
repquota -a
While the report is easy to read, a few points should be explained. The -- displayed after each user is a quick way to determine whether the block or inode limits have been exceeded. If either soft limit is exceeded, a + appears in place of the corresponding -; the first - represents the block limit, and the second represents the inode limit.
The grace columns are normally blank. If a soft limit has been exceeded, the column contains a time specification equal to the amount of time remaining on the grace period. If the grace period has expired, none appears in its place.
Keeping Quotas Accurate
Whenever a file system is not unmounted cleanly (due to a system crash, for example), it is necessary to run quotacheck. However, quotacheck can be run on a regular basis, even if the system has not crashed. Running the following command periodically keeps the quotas more accurate:
quotacheck -avug
The easiest way to run it periodically is to use cron. As root, you can either use the crontab -e command to schedule a periodic quotacheck or place a script that runs quotacheck in any one of the following directories (using whichever interval best matches your needs):
- /etc/cron.hourly
- /etc/cron.daily
- /etc/cron.weekly
- /etc/cron.monthly
The most accurate quota statistics can be obtained when the file system(s) analyzed are not in active use. Thus, the cron task should be schedule during a time where the file system(s) are used the least. If this time is various for different file systems with quotas, run quotacheck for each file system at different times with multiple cron tasks.
Enabling and Disabling
It is possible to disable quotas without setting them to be 0. To turn all user and group quotas off, use the following command:
quotaoff -vaug
If neither the -u or -g options are specified, only the user quotas are disabled. If only -g is specified, only group quotas are disabled.
To enable quotas again, use the quotaon command with the same options.
For example, to enable user and group quotas for all file systems:
quotaon -vaug
To enable quotas for a specific file system, such as /home:
quotaon -vug /home
If neither the -u or -g options are specified, only the user quotas are enabled. If only -g is specified, only group quotas are enabled.
