linux磁盤管理系列一：磁盤配額管理

linux磁盤管理系列一：磁盤配額管理

1 前言

在linux系統中，因爲是多用戶、多任務的環境，若是有少數幾個用戶大量使用磁盤空間，致使其餘用戶的正常使用，所以須要對各個用戶的磁盤空間進行管理和限定。

2 quota的用途

限制某一個用戶的最大磁盤配額

3 quota的使用限制

• 僅能針對整個文件系統
• 內核必須支持
• 只對通常用戶生效
• 這裏提供一個樣例，針對樣例對quota的配置管理作個描述

4 案例講解

4.1案例描述

• 建立5個用戶user1,user2,user3,user4,user5，密碼和用戶名相同，初始組爲usergrp組。
• 5個用戶均可以取得300M的磁盤使用空間，文件數量不限。超過250M,給於提示。
• usergrp這個組內成員最大使用空間1GB。
• 若是有用戶超過soft限制，給14天的寬限時間。

4.2 準備磁盤

[root@mail ~]# fdisk -l      #查看磁盤狀況

Disk /dev/sda: 42.9 GB, 42949672960 bytes, 83886080 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000bd275

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     2099199     1048576   83  Linux
/dev/sda2         2099200    83886079    40893440   8e  Linux LVM

Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/cl-root: 39.7 GB, 39720058880 bytes, 77578240 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/cl-swap: 2147 MB, 2147483648 bytes, 4194304 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

[root@mail ~]# fdisk /dev/sdb     #對sdb這個盤進行分區，這裏就分一個區
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0xbcd17d69.

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p): p
Partition number (1-4, default 1): 1
First sector (2048-20971519, default 2048): 
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): 
Using default value 20971519
Partition 1 of type Linux and of size 10 GiB is set

Command (m for help): p

Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0xbcd17d69

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1            2048    20971519    10484736   83  Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
[root@mail ~]# mkfs.ext4 /dev/sdb1
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
655360 inodes, 2621184 blocks
131059 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2151677952
80 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks: 
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done 

[root@mail ~]# mkdir /mnt/home          #建立一個目錄
[root@mail ~]# mount /dev/sdb1 /mnt/home   #測試掛載下

4.4.建立用戶 

[root@mail ~]# vim adduserbat.sh  #建立一個添加用戶的腳本
[root@mail ~]# cat adduserbat.sh  #確認下腳本
#!/bin/bash

groupadd usergrp
for user in user1 user2 user3 user4 user5
do 
    useradd -g usergrp -b /mnt/home $user
    echo $user |passwd --stdin $user
done
[root@mail ~]# sh adduserbat.sh    #運行腳本去建立用戶
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
Changing password for user user1.
passwd: all authentication tokens updated successfully.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
Changing password for user user2.
passwd: all authentication tokens updated successfully.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
Changing password for user user3.
passwd: all authentication tokens updated successfully.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
Changing password for user user4.
passwd: all authentication tokens updated successfully.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
Changing password for user user5.
passwd: all authentication tokens updated successfully.
[root@mail ~]# finger user1             #查看用戶信息，確保家目錄在/dev/sdb1的掛載目錄上。
Login: user1                      Name: 
Directory: /mnt/home/user1              Shell: /bin/bash
Never logged in.
No mail.
No Plan.
[root@mail ~]# id user1              #查看用戶信息
uid=2531(user1) gid=2532(usergrp) groups=2532(usergrp)

4.5.檢查操做系統支持

前面提到了quota僅僅針對整個文件系統來進行規劃的。須要確認咱們爲各個用戶提供存儲的位置是獨立的文件系統。

[root@mail ~]# df -h /mnt/home      #查看咱們的掛載點是不是獨立文件系統
Filesystem      Size  Used Avail Use% Mounted on
/dev/sdb1       9.8G   37M  9.2G   1% /mnt/home
[root@mail ~]# mount |grep /mnt/home     #查看咱們的文件系統
/dev/sdb1 on /mnt/home type ext4 (rw,relatime,data=ordered)

4.6.讓文件系統支持quota設置

[root@mail ~]# mount -o remount,usrquota,grpquota /mnt/home   #從新掛載/mnt/home 支持usrquota,grpquota
[root@mail ~]# mount |grep /mnt/home                           #確認下
/dev/sdb1 on /mnt/home type ext4 (rw,relatime,quota,usrquota,grpquota,data=ordered)
[root@mail ~]# tail -n 1 /etc/mtab >> /etc/fstab         #追加到/etc/fstab中去，確保開機啓用quota
[root@mail ~]# cat /etc/fstab                            #確保fstab文件正確性

#
# /etc/fstab
# Created by anaconda on Fri Feb 10 03:56:55 2017
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/cl-root     /                       xfs     defaults        0 0
UUID=dd4c6743-bdf5-4899-a43b-814cbe75c618 /boot                   xfs     defaults        0 0
/dev/mapper/cl-swap     swap                    swap    defaults        0 0
/dev/sr0 /mnt/cdrom iso9660 ro,relatime,uid=0,gid=0,iocharset=utf8,mode=0400,dmode=0500 0 0
/dev/sdb1 /mnt/home ext4 rw,relatime,quota,usrquota,grpquota,data=ordered 0 0

4.7.掃描文件系統並新建quota的配置文件

[root@mail ~]# quotacheck -avug
quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown.
quotacheck: Scanning /dev/sdb1 [/mnt/home] done
quotacheck: Cannot stat old user quota file /mnt/home/aquota.user: No such file or directory. Usage will not be subtracted.
quotacheck: Cannot stat old group quota file /mnt/home/aquota.group: No such file or directory. Usage will not be subtracted.
quotacheck: Cannot stat old user quota file /mnt/home/aquota.user: No such file or directory. Usage will not be subtracted.
quotacheck: Cannot stat old group quota file /mnt/home/aquota.group: No such file or directory. Usage will not be subtracted.
quotacheck: Checked 30 directories and 20 files
quotacheck: Old file not found.
quotacheck: Old file not found.

主要參數

• -a:　　掃描全部在/etc/mtab內含有quota參數的文件系統
• -u:　　針對用戶掃描文件與目錄的使用狀況，會新建一個aquota.user文件
• -g:　　針對用戶組掃描文件與目錄的使用狀況，會新增一個aquota.group文件
• -v:　　顯示掃描過程的信息

4.8 啓用quota

[root@mail ~]# quotaon  -avug    #啓用quota
/dev/sdb1 [/mnt/home]: group quotas turned on
/dev/sdb1 [/mnt/home]: user quotas turned on

 這個命令（quotaon） 幾乎只須要在第一次啓動quota時才須要進行，由於下次等你從新啓動時，系統的/etc/rc.d/rc.sysinit這個初始化腳本就會自動執行這個命令。

若是想關閉可使用quotaoff -avug

4.9.編輯帳戶的的限值

[root@mail ~]# edquota -u user1

會打開一個vi編輯器，修改咱們的設置以下圖。

• 軟限制： 這個值超過了基本上沒事，仍是能夠建立文件繼續使用文件，可是在指定grace天事後就不能在建立文件了。
• 硬限值： 這個值不能超過。

執行以下命令將user1的設置應用到其餘用戶上

[root@mail ~]# edquota -p user1 -u user2    #-p 指定參考用戶，這句話的意思就是將user1的quota信息賦值給user2
[root@mail ~]# edquota -p user1 -u user3
[root@mail ~]# edquota -p user1 -u user4
[root@mail ~]# edquota -p user1 -u user5

4.10.編輯組的設置

[root@mail ~]# edquota -g usergrp

4.11.修改寬限時間

[root@mail ~]# edquota -t

4.12.對用戶和組合quota限制查看

[root@mail ~]# quota -uvs user1       #查看user1的限制信息
Disk quotas for user user1 (uid 2531): 
     Filesystem   space   quota   limit   grace   files   quota   limit   grace
      /dev/sdb1     28K    245M    293M               7       0       0        
[root@mail ~]# quota -gvs usergrp
Disk quotas for group usergrp (gid 2532): #查看usergrp的限制信息
     Filesystem   space   quota   limit   grace   files   quota   limit   grace
      /dev/sdb1      0K    879M    977M               0       0       0

參數說明

• -u:　　指定用戶
• -g:　　指定用戶組
• -s:　　以1024爲倍數來指定單位，顯示M之類的單位
• -v:　　顯示用戶在文件系統的quota值

4.13對文件系統quota限制查看

[root@mail ~]# repquota -as
*** Report for user quotas on device /dev/sdb1                   #這裏看到是針對/dev/sdb1的文件系統的
Block grace time: 14days; Inode grace time: 7days
                        Space limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --     20K      0K      0K              2     0     0       
zhao      --     52K      0K      0K             13     0     0       
user1     --     28K    245M    293M              7     0     0       
user2     --     28K    245M    293M              7     0     0       
user3     --     28K    245M    293M              7     0     0       
user4     --     28K    245M    293M              7     0     0       
user5     --     28K    245M    293M              7     0     0

4.14.quota測試

[user1@mail ~]$ dd if=/dev/zero of=bigfile bs=1M count=270  #先建立一個270M的文件看看 
sdb1: warning, user block quota exceeded.                   #這裏提示警告了。 也就是咱們超過了軟限制的值250了。
270+0 records in
270+0 records out
283115520 bytes (283 MB) copied, 0.715086 s, 396 MB/s
[user1@mail ~]$ dd if=/dev/zero of=bigfile2 bs=1M count=40  #這裏咱們建立一個40M的文件
sdb1: write failed, user block limit reached.               #提示錯誤了。超出限制了。
dd: error writing ‘bigfile2’: Disk quota exceeded
23+0 records in
22+0 records out
24035328 bytes (24 MB) copied, 0.1165 s, 206 MB/s
[user1@mail ~]$ du -sk                                      #查看兩個文件佔用狀況
300000    .

4.12腳本設置quota信息

上面咱們對用戶和組的設置，它會啓動一個vi編輯器，修改保存才生效。須要交互。若是咱們想使用script方式快速設置，那就須要使用setquota命令了。

命令使用  setquota  [  -u  | -g ] 用戶名或者組名 塊大小軟限制 塊大小硬限制  文件數量軟限制 文件數量大小硬限制 文件系統

[root@mail ~]# quota -usv user1     #查看user1的quota信息
Disk quotas for user user1 (uid 2531): 
     Filesystem   space   quota   limit   grace   files   quota   limit   grace
      /dev/sdb1    293M*   245M    293M  13days      14       0       0        
[root@mail ~]# setquota -u user1 400000 500000 100 200 /dev/sdb1    #使用setquota修改
[root@mail ~]# quota -usv user1                                     #再次查看quota信息
Disk quotas for user user1 (uid 2531): 
     Filesystem   space   quota   limit   grace   files   quota   limit   grace
      /dev/sdb1    293M    391M    489M              14     100     200