REDHAT LINUX USER QUOTA HOWTO

Verifiably applicable to Redhat 7.2 - 9.0 and reasonably
applicable to any Linux distribution.
___________________________________________________________
Created Sept 2003                                      v2.0

section A: Ten Steps to User Quotas
section B: Syntax and Command Usage
section C: Real ISP Implementation Example
___________________________________________________________
| section A: Ten Steps to User Quotas

steps:

  1.) Do you need to patch your kernel?
      * if you are using a recent version of RH with the RH
        supplied kernel, then no.

  2.) Do you need to install quota?
      * if you are using a recent version of RH with quota
        installed, then no. The most recent version of quota
        as of this writing is quota 3.06 - 9.

  3.) Modify /etc/fstab and add support for quota on the file
      system(s) you intend to regulate. Quotas are enforced per
      file system, so hopefully, when you installed Linux, you
      allocated partitions in a way that benefits most from
      user quotas.

      example:
        Adding quota to a mail server, where the path
        /var/spool/mail is a separate partition. In fstab it
        looked like this prior to modification:

        LABEL=/var/spool/mail /var/spool/mail ext3 defaults 1 2

        To enable user quota support on a file system, add
        "usrquota" to the 4th field, which contains the word
        "defaults":

        LABEL=/var/spool/mail /var/spool/mail ext3 defaults,usrquota 1 2

        Replace "usrquota" with "grpquota" should you need
        group quota support on a file system.

  4.) Since you modified fstab, reboot the computer.

  5.) Create the necessary files on the partition where you
      enabled quota. Create the files 'aquota.group' and
      'aquota.user', then activate the quota database.

      example:
        'touch /var/spool/mail/aquota.user'
        'touch /var/spool/mail/aquota.group'
        'chmod 600 /var/spool/mail/aquota.*'
        'quotacheck /var/spool/mail'

  6.) Create a cron job to update the quota database. Quota
      should work automatically, but it sometimes helps to run
      quotacheck periodically.

      example:
        0 3 * * 0 /sbin/quotacheck -avug
___________________________________________________________
| section B: Syntax and Command Usage

usage:
  Assigning quota to a specific user or group is accomplished
  with the command 'edquota'. To display all quota limits use
  the command 'repquota'.

  example:
    'edquota -u username'
    'repquota -a'

  To set quotas for many users at once, use the following
  syntax. It gives every user with uid 500 and up the same
  quota as 'username'.

  example:
    edquota -p username `awk -F: '$3 > 499 {print $1}' /etc/passwd`

  The command 'quotaon' turns quota accounting on and
  'quotaoff' turns it off.

definitions:
  Soft Limit:   usage on filesystem that triggers grace period.
  Hard Limit:   maximum usage limit before write access is
                denied to the user.
  Grace Period: period triggered by soft limit before access is
                denied to the user.
  Block Limits: total accumulated file disk usage.
  File Limits:  total number of files or inodes.
___________________________________________________________
| section C: Real ISP Implementation Example

intro:
  In this example an ISP uses quota to limit the size of
  customer mailboxes on /var/spool/mail for /dev/sda2. Disk
  quotas were enabled using the procedure described above.
  Now our goals are as follows:

goals:

  1. establish default quotas for a mail system already
     containing 100 or more users.

     example:
       start by setting the first user's quota to the values
       that are to be the system default.

         edquota -u derek

       second, use a simple shell command to duplicate those
       values to every mailbox owner all at once.

         edquota -p derek `awk -F: '$3 > 499 {print $1}' /etc/passwd`

  2. synchronize the quota database for the filesystem on
     /dev/sda2.

     example:
       quotaoff /var/spool/mail
       /sbin/quotacheck -avug
       quotaon /var/spool/mail

  3. generate a report showing only users exceeding their
     mailbox disk quota.

     example:
       repquota -ta | grep -v "\-\-\ \ \ "

  4. configure warnquota to send mail to users over quota by
     creating or modifying the warnquota.conf file.

     example:
       vi /etc/warnquota.conf

       use the following values in warnquota.conf

       MAIL_CMD = "/usr/sbin/sendmail -t"
       FROM = "support@ispname.com"
       SUBJECT = NOTE: Your mailbox has exceeded allocated disk space limits
       CC_TO = "support@ispname.com"
       SUPPORT = "support@ispname.com"
       PHONE = "555 555-1212"
       MESSAGE = Your mailbox has exceeded the allotted limit\
        on this server|Please delete any unnecessary email in your mailbox on:|
       SIGNATURE = This message is automatically generated by the mail system.

  5. send customers over soft limit an email notification

     example:
       warnquota

  6. create a daily cron script that will synchronize the
     quota database, send an email notification to mailbox
     owners exceeding soft quota, and send an email report to
     the system administrator which includes users exceeding
     their mailbox disk quota.

     example:
       create a cron script, make it executable and add the
       appropriate shell commands.

         touch /etc/cron.daily/quotatasks
         chmod +x /etc/cron.daily/quotatasks
         vi /etc/cron.daily/quotatasks

     shell script example:

#!/bin/bash
#
# Derek B. Winterstien
#######################################
#
# resynchronize the quota database with quota accounting switched off
/sbin/quotaoff /var/spool/mail
/sbin/quotacheck -avug
/sbin/quotaon /var/spool/mail
sleep 5s
# mail every user who is over the soft limit
/usr/sbin/warnquota
# build the report for the administrators
echo "From: System " > /tmp/mmail.lastmessage.txt
echo "To: recipients@ispdomain.com" >> /tmp/mmail.lastmessage.txt
echo "Subject: cron daily - quotatasks execution" >> /tmp/mmail.lastmessage.txt
echo "Attention:" >> /tmp/mmail.lastmessage.txt
echo "quotatasks executed." >> /tmp/mmail.lastmessage.txt
/bin/date >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "System mailbox quota report:" >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "Showing only users over disk quota" >> /tmp/mmail.lastmessage.txt
/usr/sbin/repquota -ta | grep -v "\-\-\ \ \ " >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "Customers exceeding soft quota have been notified by email." >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "System, " >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "Derek B. Winterstien" >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo "_______________________________________________________________" >> /tmp/mmail.lastmessage.txt
echo "www.ispdomain.com - High Speed Internet Connections To The World" >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
echo " " >> /tmp/mmail.lastmessage.txt
#
# send the report
/usr/sbin/sendmail noc@ispdomain.net,support@ispdomain.net < /tmp/mmail.lastmessage.txt
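
The cron script above runs as root and writes its report to a fixed name in the world-writable /tmp, which a local user can pre-create or replace with a link. The following is an added example, not the HOWTO author's script: it builds the same report in a file created by mktemp and selects over-quota users from repquota's flag column instead of matching on spacing. The function names and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the HOWTO author's script; addresses are placeholders.

# Keep only rows whose flag column (field 2: "--", "+-", "-+", "++")
# marks a block or inode soft limit as exceeded.
over_quota_users() {
    awk '$2 ~ /^[-+][-+]$/ && index($2, "+") > 0 { print }'
}

# Read repquota output on stdin, write the admin report to a private,
# unpredictably named temp file (mktemp creates it mode 0600) and
# print that file's path.
build_report() {
    msg=$(mktemp "${TMPDIR:-/tmp}/quotatasks.XXXXXX") || return 1
    {
        echo "To: recipients@ispdomain.com"
        echo "Subject: cron daily - quotatasks execution"
        echo ""                  # blank line ends the mail headers
        echo "quotatasks executed: $(date)"
        echo "Showing only users over disk quota"
        over_quota_users
    } > "$msg"
    echo "$msg"
}

# Constructed sample in repquota's column layout, for offline runs.
sample_repquota() {
    cat <<'EOF'
*** Report for user quotas on device /dev/sda2
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --   81920       0       0             14     0     0
derek     +-   52000   50000   60000  6days      12     0     0
alice     --   10240   50000   60000              3     0     0
EOF
}

# On the mail server, with the paths from the cron script above:
#   report=$(/usr/sbin/repquota -ta | build_report) || exit 1
#   /usr/sbin/sendmail noc@ispdomain.net,support@ispdomain.net < "$report"
#   rm -f "$report"
```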
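
Step 3 of section A depends on the exact spelling of the option in the 4th fstab field, and step 4 reboots on the strength of that edit. The following check, an added example that is not part of the original HOWTO, lists the quota options found per mount point and fails on any option that mentions "quota" without being one the quota tools recognise. The function names and the /home entry in the sample are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO.

# Read an fstab on stdin. Print each quota-related option per mount
# point; return non-zero if an option mentions "quota" but is not one
# the quota tools recognise.
check_fstab_quota() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments, blank lines
    {
        n = split($4, opt, ",")             # 4th field: mount options
        for (i = 1; i <= n; i++) {
            if (opt[i] ~ /^(usrquota|grpquota|quota|noquota)$/ ||
                opt[i] ~ /^(usrjquota|grpjquota|jqfmt)=/)
                print "OK      " $2 " " opt[i]
            else if (opt[i] ~ /quota/) {
                print "UNKNOWN " $2 " " opt[i]
                bad = 1
            }
        }
    }
    END { exit bad + 0 }'
}

# Constructed sample: the HOWTO's mail spool entry plus a hypothetical
# /home entry carrying a misspelled option.
sample_fstab() {
    cat <<'EOF'
# /etc/fstab (constructed)
LABEL=/               /                ext3  defaults            1 1
LABEL=/var/spool/mail /var/spool/mail  ext3  defaults,usrquota   1 2
LABEL=/home           /home            ext3  defaults,userquota  1 2
EOF
}

# Real use:  check_fstab_quota < /etc/fstab
```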