使用Linux的磁盘配额

启动文件系统对配额的支持

格式化磁盘sdc7 为 ext4

[root@localhost data]# blkid /dev/sdc7
/dev/sdc7: UUID="0dc3603b-bb2b-4ecc-b7bb-f2ea8078ce9d" TYPE="xfs"
[root@localhost data]# cat /etc/fstab

#
# /etc/fstab
# Created by anaconda on Mon Apr 17 21:42:08 2017
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/cl-root     /                       xfs     defaults        0 0
UUID=4e9e73e3-0ff0-4ac5-865f-7ab4975be268 /boot                   xfs     defaults        0 0
/dev/mapper/cl-swap     swap                    swap    defaults        0 0
UUID=0dc3603b-bb2b-4ecc-b7bb-f2ea8078ce9d /mnt/data ext4 defualts,usrquota,grpquota 0 0

执行

mount -a

然后 mount 查看最后一行,如果有如下内容则表示成功。

[root@localhost mnt]# mount | tail -1
/dev/sdc7 on /mnt/data type ext4 (rw,relatime,seclabel,quota,usrquota,grpquota,data=ordered)

检测磁盘配额并创建配额文件

[root@localhost mnt]# quotacheck --help
Utility for checking and repairing quota files.
quotacheck [-gucbfinvdmMR] [-F <quota-format>] filesystem|-a

-u, --user                check user files
-g, --group               check group files
-c, --create-files        create new quota files
-b, --backup              create backups of old quota files
-f, --force               force check even if quotas are enabled
-i, --interactive         interactive mode
-n, --use-first-dquot     use the first copy of duplicated structure
-v, --verbose             print more information
-d, --debug               print even more messages
-m, --no-remount          do not remount filesystem read-only
-M, --try-remount         try remounting filesystem read-only,
                          continue even if it fails
-R, --exclude-root        exclude root when checking all filesystems
-F, --format=formatname   check quota files of specific format
-a, --all                 check all filesystems
-h, --help                display this message and exit
-V, --version             display version information and exit

Bugs to [email protected]

使用quotacheck -ugcv 需要操作的设备 来创建配额文件

[root@localhost mnt]# quotacheck -ugcv /dev/sdc7
quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown.
quotacheck: Scanning /dev/sdc7 [/mnt/data] done
quotacheck: Checked 2 directories and 2 files
[root@localhost mnt]# ls /mnt/data
aquota.group  aquota.user  lost+found
[root@localhost mnt]#  

如果挂载的目录有aquota.groupaquota.user 则表示成功。

创建用户

[root@localhost mnt]# useradd zhangsan
[root@localhost mnt]# passwd zhangsan
Changing password for user zhangsan.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.

创建用户配额

[root@localhost mnt]# edquota -u zhangsan
Disk quotas for user zhangsan (uid 1010):
  Filesystem                   blocks       soft       hard     inodes     soft     hard
  /dev/sdc7                         0          0          0          0        0        0

前三列 blocks 针对块
后三列 inodes 针对文件数
soft 是软现在
hard 是硬限制

注: 不该随便改 blocks 和 inodes 的数字,它是系统自带检测识别的

启用和关闭配额功能

[root@localhost mnt]# quotaon /dev/sdc7 #开启
[root@localhost mnt]# quotaon /dev/sdc7 # 关闭

测试

我设置的软现在为5 硬限制为6

 [root@localhost mnt]# setfacl -m user:zhangsan:rwx data
[root@localhost mnt]# su zhangsan
[zhangsan@localhost mnt]$ clear
[zhangsan@localhost mnt]$ ls
data  data1
[zhangsan@localhost mnt]$ cd data
[zhangsan@localhost data]$ ll
total 32
-rw-------. 1 root root  6144 Apr 22 15:50 aquota.group
-rw-------. 1 root root  7168 Apr 22 15:50 aquota.user
drwx------. 2 root root 16384 Apr 22 15:27 lost+found
[zhangsan@localhost data]$ touch a{1..10}
sdc7: warning, user file quota exceeded. #软限制生效
sdc7: write failed, user file limit reached.#硬限制生效
touch: cannot touch ‘a7’: Disk quota exceeded
touch: cannot touch ‘a8’: Disk quota exceeded
touch: cannot touch ‘a9’: Disk quota exceeded
touch: cannot touch ‘a10’: Disk quota exceeded
[zhangsan@localhost data]$ ll
total 32
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a1
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a2
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a3
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a4
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a5
-rw-rw-r--. 1 zhangsan zhangsan     0 Apr 22 15:53 a6
-rw-------. 1 root     root      7168 Apr 22 15:50 aquota.group
-rw-------. 1 root     root      7168 Apr 22 15:50 aquota.user
drwx------. 2 root     root     16384 Apr 22 15:27 lost+found

再次检查配置文件,发送 inodes 变成了6

限制大小

设置块大小,单位是千字节(kb)

写入120M文件

[zhangsan@localhost data]$ dd if=/dev/zero of=my.iso bs=1M count=120
120+0 records in
120+0 records out
125829120 bytes (126 MB) copied, 0.139963 s, 899 MB/s

没有报错,然后在写入150m 文件,提示错误了。

[zhangsan@localhost data]$ dd if=/dev/zero of=my.iso bs=1M count=150
sdc7: write failed, user block limit reached.
dd: error writing ‘my.iso’: Disk quota exceeded
121+0 records in
120+0 records out
125829120 bytes (126 MB) copied, 0.119931 s, 1.0 GB/s

对组进行限制

1.设置组配额的配置文件

[root@localhost ~]# edquota -g zhangsan

创建用户并把 lisi 这个用户的组设置为 zhangsan

[root@localhost ~]# useradd lisi -g zhangsan
[root@localhost ~]# passwd lisi
Changing password for user lisi.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

赋予权限,让lisi对 data 目录具有读写执行的权限

[root@localhost mnt]# setfacl -m user:lisi:rwx data

然后切换到lisi 写入文件,报错了。

[lisi@localhost data]$ dd if=/dev/zero of=my1.iso bs=1M count=120
sdc7: write failed, group block limit reached.
dd: error writing ‘my1.iso’: Disk quota exceeded
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.000769198 s, 0.0 kB/s