Solved

quota

Posted on 2013-05-16
8
506 Views
Last Modified: 2013-05-28
Here's my /etc/fstab file
/dev/mapper/fedora-root /                       ext4    defaults,usrquota,grpquota        1 1

I ran  
1. mount -o remount /
2. quotacheck -cug /
3.quotaon /
4.edquota  root
5. quota root  shows
Disk quotas for user root (uid 0):
     Filesystem  blocks   quota   limit   grace   files   quota   limit   grace
/dev/mapper/fedora-root
                4538640*      1       1   7days  123318       0       0        


dd if=/dev/urandom of=/test.txt bs=32768 count=279

It succeded in creating this file. I thought this should have failed with disk quota exceede ??
0
Comment
Question by:perlperl
  • 4
  • 3
8 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 39173701
it is not clear from your post whether you have hard quota setting.

using root as the test account is not adviseable nor is it advisable to set quota on / versus creating a separate partition for /home

the other issue is you have two quota enforcement mechanisms: quota and grpquota.
root:other the group  might extend roots quota.

 create a new non admin user set their quota making sure it is a hard restriction.
then test the enforcement.
0
 

Author Comment

by:perlperl
ID: 39174543
I created a user  test

[root@localhost ~]# quota test
Disk quotas for user test (uid 17073):
     Filesystem  blocks   quota   limit   grace   files   quota   limit   grace
/dev/mapper/fedora-root
                     28*     10      10   6days       9       0       0        
[root@localhost ~]# su test
[test@localhost root]$

Added test to sudoers file

[test@localhost root]$ sudo dd if=/dev/urandom of=/root/test.txt bs=32768 count=169
169+0 records in
169+0 records out
5537792 bytes (5.5 MB) copied, 0.487241 s, 11.4 MB/s

SHOULDN"T the above fail? Not sure what I am missing??

/etc/fstab has
/dev/mapper/fedora-root /                       ext4    defaults,usrquota,grpquota        1
0
 

Author Comment

by:perlperl
ID: 39174546
Do I have to create seperate partition for home? How can I do that?
0
 
LVL 8

Expert Comment

by:Pepe2323
ID: 39174826
If /home is part of the same partition or in this case logical volume then no

Quotas are only able to restrict by Filesystem
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39174893
IMHO, using a separate /home is better.

Your two last options are set to unlimited. If I am not mistaken the first are soft enforcement options. The last hard are enforcement options

i.e. for user test set the following:
     Filesystem  blocks   quota   limit   grace   files   quota   limit   grace
/dev/mapper/fedora-root
 28*     10      10   6days       9       12       10

see what that does.
0
 

Author Comment

by:perlperl
ID: 39175056
I was suppose to write in /home/test/test.txt and now it worked .
It properly fails with quota exceeded
0
 

Author Comment

by:perlperl
ID: 39175060
this worked
 dd if=/dev/urandom of=/home/test/test.txt bs=32768 count=169

THis is because "test" is the user
0
 
LVL 76

Expert Comment

by:arnold
ID: 39175722
you have quota allocation per user and per group. test user is the one you setup with edquota username
edquota -g group see what options it lets you set here.
Note it is very dangerous to set a group quota where there are multiple users as that will enforced based on their combined space usage.

root may have one restriction, but the group other has none so at some point the group quota for other allows for root to have additional space beyond its own.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Whether you’re a college noob or a soon-to-be pro, these tips are sure to help you in your journey to becoming a programming ninja and stand out from the crowd.
If you’re thinking to yourself “That description sounds a lot like two people doing the work that one could accomplish,” you’re not alone.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now