On Thu, Jan 7, 2010 at 3:53 AM, Alex Samad <[email protected]> wrote:
> On Thu, Jan 07, 2010 at 02:29:25AM +0100, Marc Aymerich wrote: > > Hi all! > > > > I can't use kernel quota module and I would like implement a substitute > > for it. My idea is run a 'du' every night that it counts the amount of > disk > > space that every user has in his own home. The matter is, how can I > prevent > > users from using more disk space than the allowed by their quota?. > > > > In the first place I thought of remounting their home with 'ro' option, > but > > that isn't a good idea because the user wouldn't able to clean his home > > directory in order to recover write permission. Then, my question is: > > > > There are any mechanism that I can use for forbid writes but allow > deletes? > > Maybe with ACLs? Maybe with /etc/security/limits.conf? I don't know :( > > use LVM and maker LV equal to the max size allocated to the user, then > mount the partition on their home directory. > > you then have to make sure they don't leave files in other places like > /tmp or /var/tmp ... > > Hi Alex, Thank you for your response! In my first mail I forgot to say that actually I have more than 700 users in this server. Correct me if I'm wrong (my experience with LVM is a pretty limited), but I think that having 700 partitions may require extensive overhead. What do you think about that? Thank you!! Marc > > > > > Thanks for thinking about it!! > > Marc > > > > PD: If you can't resist the temptation of asking why I can't use quota > > module. The answer is because the home partition is mounted from a iSCSI > > device inside a openVz container. And the quota support for this scenario > > isn't implemented yet :(. > > -- > "You know, one of the hardest parts of my job is to connect Iraq to the war > on terror." > > - George W. Bush > 09/06/2006 > Washington, DC > in an interview on CBS News > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > > iEYEARECAAYFAktFTJoACgkQkZz88chpJ2OQJwCePVCduhMeAkID65MEROz6muID > nNwAn3sygjxxdTEI3yIUa2nIrfGFhWeK > =QnkJ > -----END PGP SIGNATURE----- > >
