Dernière mise-à-jour : 2020/01/30 03:27
Important : Déconnectez-vous et re-connectez-vous directement en tant que root.
Sous Linux il est possible de mettre en place des quotas par utilisateur et par groupe. Ceci étant, Linux ne sait pas gérer des quotas par répertoire, uniquement des quotas par partition. L'administrateur met souvent des quotas en place sur l'arborescence de /home pour limiter l'espace de stockage occupé par les utilisateurs.
Commencez par vérifiez que le paquet quota est bien installé :
root@debian8:~# dpkg --get-selections | grep quota root@debian8:~# apt-get install quota Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: libnet-ldap-perl The following NEW packages will be installed: quota 0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 319 kB of archives. After this operation, 1,580 kB of additional disk space will be used. Get:1 http://ftp.fr.debian.org/debian/ jessie/main quota amd64 4.01-8+deb8u1 [319 kB] Fetched 319 kB in 0s (1,884 kB/s) Preconfiguring packages ... Selecting previously unselected package quota. (Reading database ... 146985 files and directories currently installed.) Preparing to unpack .../quota_4.01-8+deb8u1_amd64.deb ... Unpacking quota (4.01-8+deb8u1) ... Processing triggers for man-db (2.7.0.2-5) ... Processing triggers for systemd (215-17+deb8u4) ... Setting up quota (4.01-8+deb8u1) ... Processing triggers for systemd (215-17+deb8u4) ...
A Faire - Arrêtez votre machine virtuelle. Ajoutez un deuxième disque de 20 Go au contrôleur SATA en utilisant la section Stockage des paramètres de la machine virtuelle. Le format du disque doit être vmdk. Nommez ce disque DebianHome et re-démarrez la machine virtuelle.
Créez une seule partition sur /dev/sdb :
root@debian8:~# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.25.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5b6171fe.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-41943039, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-41943039, default 41943039):
Created a new partition 1 of type 'Linux' and of size 20 GiB.
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
Créez maintenant un système de fichiers ext4 sur /dev/sdb1 :
root@debian8:~# mkfs.ext4 /dev/sdb1 mke2fs 1.42.12 (29-Aug-2014) Creating filesystem with 5242624 4k blocks and 1310720 inodes Filesystem UUID: 6e4ea901-a36d-4b3f-bbbf-eeea866fca40 Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 4096000 Allocating group tables: done Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done
Montez /dev/sdb1 sur /mnt :
root@debian8:~# mount /dev/sdb1 /mnt
Copiez le contenu de /home vers /mnt :
root@debian8:~# cp -a /home/* /mnt
Démontez /dev/sdb1 et déplacez /home vers /root :
root@debian8:~# umount /mnt root@debian8:~# mv /home /root
Identifiez l'UUID de /dev/sdb1 :
root@debian8:~# ls -l /dev/disk/by-uuid/ | grep sdb1 lrwxrwxrwx 1 root root 10 Aug 13 12:26 6e4ea901-a36d-4b3f-bbbf-eeea866fca40 -> ../../sdb1
Editez le fichier /etc/fstab en ajoutant la ligne pour le montage de /home :
# /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> # / was on /dev/sda1 during installation UUID=4a230056-285f-42f4-bfe0-5a73dbc5b745 / ext4 errors=remount-ro 0 1 # swap was on /dev/sda5 during installation UUID=da5a77e9-344d-42aa-aed6-a38d381ba436 none swap sw 0 0 UUID=6e4ea901-a36d-4b3f-bbbf-eeea866fca40 /home ext4 defaults 0 0 /dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
Créez le point de montage /home :
root@debian8:~# mkdir /home
Montez /dev/sdb1 :
root@debian8:~# mount -a root@debian8:~# mount sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,relatime,size=10240k,nr_inodes=61148,mode=755) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,relatime,size=101232k,mode=755) /dev/sda1 on / type ext4 (rw,relatime,errors=remount-ro,data=ordered) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k) tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd) pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime) cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset) cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct) cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=23,pgrp=1,timeout=300,minproto=5,maxproto=5,direct) debugfs on /sys/kernel/debug type debugfs (rw,relatime) mqueue on /dev/mqueue type mqueue (rw,relatime) hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime) fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime) rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw,relatime) tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=50616k,mode=700) tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=50616k,mode=700,uid=1000,gid=1000) /dev/sdb1 on /home type ext4 (rw,relatime,data=ordered)
Notez la taille de /home :
root@debian8:~# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda1 9.5G 5.7G 3.4G 63% / udev 10M 0 10M 0% /dev tmpfs 99M 4.8M 95M 5% /run tmpfs 248M 0 248M 0% /dev/shm tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs 248M 0 248M 0% /sys/fs/cgroup tmpfs 50M 0 50M 0% /run/user/0 tmpfs 50M 0 50M 0% /run/user/1000 /dev/sdb1 20G 46M 19G 1% /home
Editez le fichier /etc/fstab en ajoutant les options usrquota et grpquota à la ligne /home :
root@debian8:~# vi /etc/fstab root@debian8:~# cat /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> # / was on /dev/sda1 during installation UUID=4a230056-285f-42f4-bfe0-5a73dbc5b745 / ext4 errors=remount-ro 0 1 # swap was on /dev/sda5 during installation UUID=da5a77e9-344d-42aa-aed6-a38d381ba436 none swap sw 0 0 UUID=6e4ea901-a36d-4b3f-bbbf-eeea866fca40 /home ext4 defaults,usrquota,grpquota 0 0 /dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
Démontez puis remontez /home :
root@debian8:~# umount /home root@debian8:~# mount -a
Vérifiez ensuite que les options soient prises en compte :
root@debian8:~# cat /etc/mtab rootfs / rootfs rw 0 0 sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0 proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0 udev /dev devtmpfs rw,relatime,size=10240k,nr_inodes=61148,mode=755 0 0 devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0 tmpfs /run tmpfs rw,nosuid,relatime,size=101232k,mode=755 0 0 /dev/sda1 / ext4 rw,relatime,errors=remount-ro,data=ordered 0 0 securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 0 0 tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0 tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0 tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0 cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd 0 0 pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0 cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 0 cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0 cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 0 0 cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0 cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,relatime,net_cls,net_prio 0 0 cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 0 cgroup /sys/fs/cgroup/perf_event cgroup rw,nosuid,nodev,noexec,relatime,perf_event 0 0 systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=23,pgrp=1,timeout=300,minproto=5,maxproto=5,direct 0 0 hugetlbfs /dev/hugepages hugetlbfs rw,relatime 0 0 debugfs /sys/kernel/debug debugfs rw,relatime 0 0 mqueue /dev/mqueue mqueue rw,relatime 0 0 fusectl /sys/fs/fuse/connections fusectl rw,relatime 0 0 rpc_pipefs /run/rpc_pipefs rpc_pipefs rw,relatime 0 0 tmpfs /run/user/0 tmpfs rw,nosuid,nodev,relatime,size=50616k,mode=700 0 0 /dev/sdb1 /home ext4 rw,relatime,quota,usrquota,grpquota,data=ordered 0 0
Pour activer les quotas sur /home, il convient d'utiliser la commande quotacheck :
root@debian8:~# quotacheck -cugvm -f /dev/sdb1 quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown. quotacheck: Scanning /dev/sdb1 [/home] done quotacheck: Cannot stat old user quota file /home/aquota.user: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old group quota file /home/aquota.group: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old user quota file /home/aquota.user: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old group quota file /home/aquota.group: No such file or directory. Usage will not be subtracted. quotacheck: Checked 6754 directories and 64246 files quotacheck: Old file not found. quotacheck: Old file not found.
Les options de la commande quotacheck sont :
root@debian8:~# quotacheck --help
Utility for checking and repairing quota files.
quotacheck [-gucbfinvdmMR] [-F <quota-format>] filesystem|-a
-u, --user check user files
-g, --group check group files
-c, --create-files create new quota files
-b, --backup create backups of old quota files
-f, --force force check even if quotas are enabled
-i, --interactive interactive mode
-n, --use-first-dquot use the first copy of duplicated structure
-v, --verbose print more information
-d, --debug print even more messages
-m, --no-remount do not remount filesystem read-only
-M, --try-remount try remounting filesystem read-only,
continue even if it fails
-R, --exclude-root exclude root when checking all filesystems
-F, --format=formatname check quota files of specific format
-a, --all check all filesystems
-h, --help display this message and exit
-V, --version display version information and exit
Bugs to jack@suse.cz
Les quotas ont été activés et les fichier aquota.user et aquota.group ont été créés dans le répertoire /home :
root@debian8:~# ls -la /home total 44 drwxr-xr-x 4 root root 4096 Aug 14 09:25 . drwxr-xr-x 23 root root 4096 Aug 13 15:38 .. -rw------- 1 root root 7168 Aug 14 09:25 aquota.group -rw------- 1 root root 7168 Aug 14 09:25 aquota.user drwx------ 2 root root 16384 Aug 13 12:26 lost+found drwxr-xr-x 18 trainee trainee 4096 Aug 13 13:31 trainee
Créez maintenant un utilisateur fenestros avec le mot de passe fenestros :
root@debian8:~# groupadd fenestros && useradd -m fenestros -c FenestrOs -d /home/fenestros -g fenestros -s /bin/bash root@debian8:~# passwd fenestros Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
Mettez en place maintenant un quota de 10Mo pour l'utilisateur fenestros :
root@debian8:~# EDITOR=/usr/bin/vi root@debian8:~# export EDITOR root@debian8:~# edquota -u fenestros -f /home
L'éditeur vi se lance et vous obtiendrez un résultat similaire à celui-ci :
Disk quotas for user fenestros (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/sdb1 0 0 0 0 0 0
Modifiez ce fichier ainsi :
Disk quotas for user fenestros (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/sdb1 0 8000 10000 0 0 0
Les options de la commande edquota sont :
root@debian8:~# edquota --help
edquota: Usage:
edquota [-rm] [-u] [-F formatname] [-p username] [-f filesystem] username ...
edquota [-rm] -g [-F formatname] [-p groupname] [-f filesystem] groupname ...
edquota [-u|g] [-F formatname] [-f filesystem] -t
edquota [-u|g] [-F formatname] [-f filesystem] -T username|groupname ...
-u, --user edit user data
-g, --group edit group data
-r, --remote edit remote quota (via RPC)
-m, --no-mixed-pathnames trim leading slashes from NFSv4 mountpoints
-F, --format=formatname edit quotas of a specific format
-p, --prototype=name copy data from a prototype user/group
--always-resolve always try to resolve name, even if it is
composed only of digits
-f, --filesystem=filesystem edit data only on a specific filesystem
-t, --edit-period edit grace period
-T, --edit-times edit grace time of a user/group
-h, --help display this help text and exit
-V, --version display version information and exit
Bugs to: jack@suse.cz
Important - Pour mettre en place un quota par group, la procédure est similaire. Il suffit d'utiliser l'option -g de la commande edquota.
Appliquez maintenant les quotas :
root@debian8:~# quotaon -a
Les options de la commande quotaon sont :
root@debian8:~# quotaon --help quotaon: Usage: quotaon [-guvp] [-F quotaformat] [-x state] -a quotaon [-guvp] [-F quotaformat] [-x state] filesys ... -a, --all turn quotas on for all filesystems -f, --off turn quotas off -u, --user operate on user quotas -g, --group operate on group quotas -p, --print-state print whether quotas are on or off -x, --xfs-command=cmd perform XFS quota command -F, --format=formatname operate on specific quota format -v, --verbose print more messages -h, --help display this help text and exit -V, --version display version information and exit
De cette manière vous avez mis en place un quota souple pour fenestros de 8 000 Ko et un quota stricte de 10 000 Ko.
Quand l'utilisateur fenestros aura dépassé le quota souple, il recevra un message d'avertissement. Quand il dépasse le quota stricte, il ne pourra plus enregistrer dans /home, sauf dans le cas où il supprime des fichiers pour retomber en dessous de la limite stricte.
Il est à noter que vous pouvez soit mettre en place un quota en taille, soit mettre en place un quota basé sur le nombre d'inodes utilisés par l'utilisateur.
Important - La commande pour désactivez les quotas est quotaoff.
Pour visualiser les quotas utilisez la commande repquota :
root@debian8:~# repquota /home
*** Report for user quotas on device /dev/sdb1
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 20 0 0 2 0 0
trainee -- 1125912 0 0 70998 0 0
Important - Notez que l'utilisateur fenestros ne figure pas dans la liste. Sous Debian, le quota n'est pas visible tant que l'utilisateur ne s'est pas connecté pour la première fois. Notez aussi les période de grâce de 7 jours.
Les options de la commande repquota sont :
root@debian8:~# repquota --help repquota: Utility for reporting quotas. Usage: repquota [-vugsi] [-c|C] [-t|n] [-F quotaformat] (-a | mntpoint) -v, --verbose display also users/groups without any usage -u, --user display information about users -g, --group display information about groups -s, --human-readable show numbers in human friendly units (MB, GB, ...) -t, --truncate-names truncate names to 9 characters -p, --raw-grace print grace time in seconds since epoch -n, --no-names do not translate uid/gid to name -i, --no-autofs avoid autofs mountpoints -c, --batch-translation translate big number of ids at once -C, --no-batch-translation translate ids one by one -F, --format=formatname report information for specific format -h, --help display this help message and exit -V, --version display version information and exit Bugs to jack@suse.cz
Pour visualiser les quotas d'un utilisateur spécifique, il convient d'utiliser la commande quota :
root@debian8:~# quota fenestros
Disk quotas for user fenestros (uid 1001): none
root@debian8:~# su - fenestros
fenestros@debian8:~$ touch test
fenestros@debian8:~$ exit
logout
root@debian8:~# quota fenestros
Disk quotas for user fenestros (uid 1001):
Filesystem blocks quota limit grace files quota limit grace
/dev/sdb1 20 8000 10000 6 0 0
Les options de la commande quota sont :
root@debian8:~# quota --help
quota: Usage: quota [-guqvswim] [-l | [-Q | -A]] [-F quotaformat]
quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -u username ...
quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -g groupname ...
quota [-qvswugQm] [-F quotaformat] -f filesystem ...
-u, --user display quota for user
-g, --group display quota for group
-q, --quiet print more terse message
-v, --verbose print more verbose message
-s, --human-readable display numbers in human friendly units (MB, GB...)
--always-resolve always try to translate name to id, even if it is
composed of only digits
-w, --no-wrap do not wrap long lines
-p, --raw-grace print grace time in seconds since epoch
-l, --local-only do not query NFS filesystems
-Q, --quiet-refuse do not print error message when NFS server does
not respond
-i, --no-autofs do not query autofs mountpoints
-F, --format=formatname display quota of a specific format
-f, --filesystem-list display quota information only for given filesystems
-A, --nfs-all display quota for all NFS mountpoints
-m, --no-mixed-pathnames trim leading slashes from NFSv4 mountpoints
--show-mntpoint show mount point of the file system in output
--hide-device do not show file system device in output
-h, --help display this help message and exit
-V, --version display version information and exit
Bugs to: jack@suse.cz
La commande warnquota vérifie le ou les disques et envoie un message par mail à tout utilisateur qui a dépassé la limite soft. Elle est enrègle générale appelée par un job cron. Cependant elle peut aussi est appelée d'une manière intéractive.
Les options de la commande warnquota sont :
root@debian8:~# warnquota --help warnquota: Usage: warnquota [-ugsid] [-F quotaformat] [-c configfile] [-q quotatabfile] [-a adminsfile] [filesystem...] -u, --user warn users -g, --group warn groups -s, --human-readable send information in more human friendly units -i, --no-autofs avoid autofs mountpoints -d, --no-details do not send quota information itself -F, --format=formatname use quotafiles of specific format -c, --config=config-file non-default config file -q, --quota-tab=quotatab-file non-default quotatab -a, --admins-file=admins-file non-default admins file -h, --help display this help message and exit -v, --version display version information and exit Bugs to jack@suse.cz
<html>
Copyright © 2004-2017 Hugh Norris.<br><br> <a rel=“license” href=“http://creativecommons.org/licenses/by-nc-nd/3.0/fr/”><img alt=“Licence Creative Commons” style=“border-width:0” src=“http://i.creativecommons.org/l/by-nc-nd/3.0/fr/88x31.png” /></a><br />Ce(tte) oeuvre est mise à disposition selon les termes de la <a rel=“license” href=“http://creativecommons.org/licenses/by-nc-nd/3.0/fr/”>Licence Creative Commons Attribution - Pas d’Utilisation Commerciale - Pas de Modification 3.0 France</a>.
</html>