Linux CentOS 8（磁盘容量配额（Quota））

Linux CentOS 8（磁盘容量配额（Quota））

---

---

一、项目介绍

本节将介绍Linux（Centos8）中的磁盘容量配额（Quota）。

二、相关概念

2.1 配额（Quota）的概念

磁盘配额是计算机中指定磁盘的储存限制，就是管理员可以为用户所能使用的磁盘空间进行配额限制，每一用户只能使用最大配额范围内的磁盘空间。在linux系统中，是多用户多任务的环境，所以会有很多人共用一个磁盘的情况。针对每个用户去限定一定量的磁盘空间是有必要的，这样才显得公平。

2.2 配额（Quota）的功能作用

磁盘配额可以限制指定账户能够使用的磁盘空间,这样可以避免因某个用户的过度使用磁盘空间造成其他用户无法正常工作甚至影响系统运行。在服务器管理中此功能非常重要，但对单机用户来说意义不大。quota命令还有软限制和硬限制的功能：

• 软限制：当达到软限制时会提示用户，但仍允许用户在限定的额度内继续使用。
• 硬限制：当达到硬限制时会提示用户，且强制终止用户的操作。

三、任务操作

任务1- quota的主要模块

1.1 安装quota软件

[root@localhost ~]# yum -y install quota  //安装quota软件
Last metadata expiration check: 0:11:54 ago on Mon 26 Jul 2021 09:54:55 PM CST.
Dependencies resolved.
===========================================================================================
 Package              Architecture      Version                    Repository         Size
===========================================================================================
Installing:
 quota                x86_64            1:4.04-12.el8              BaseOS            213 k
Installing dependencies:
 quota-nls            noarch            1:4.04-12.el8              BaseOS             95 k

Transaction Summary
===========================================================================================
Install  2 Packages

Total download size: 307 k
Installed size: 1.1 M
Downloading Packages:
(1/2): quota-nls-4.04-12.el8.noarch.rpm                    3.6 kB/s |  95 kB     00:26    
(2/2): quota-4.04-12.el8.x86_64.rpm                        7.9 kB/s | 213 kB     00:26    
-------------------------------------------------------------------------------------------
Total                                                      5.9 kB/s | 307 kB     00:52     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                   1/1 
  Installing       : quota-nls-1:4.04-12.el8.noarch                                    1/2 
  Installing       : quota-1:4.04-12.el8.x86_64                                        2/2 
  Running scriptlet: quota-1:4.04-12.el8.x86_64                                        2/2 
  Verifying        : quota-1:4.04-12.el8.x86_64                                        1/2 
  Verifying        : quota-nls-1:4.04-12.el8.noarch                                    2/2 

Installed:
  quota-1:4.04-12.el8.x86_64                 quota-nls-1:4.04-12.el8.noarch                
Complete!
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

1.2 quota的主要模块

[root@localhost ~]# quota    //tab键按两下
quota    quotacheck  quotaoff    quotaon     quotastats  quotasync 
1
2

1.3 查看“quota”的选项

[root@localhost ~]# quota -h
quota: Usage: quota [-guPqvswim] [-l | [-Q | -A]] [-F quotaformat]
	quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -u username ...
	quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -g groupname ...
	quota [-qvswugPQm] [-F quotaformat] -f filesystem ...

-u, --user                display quota for user
-g, --group               display quota for group
-P, --project             display quota for project
-q, --quiet               print more terse message
-v, --verbose             print more verbose message
-s, --human-readable      display numbers in human friendly units (MB, GB...)
    --always-resolve      always try to translate name to id, even if it is
			  composed of only digits
-w, --no-wrap             do not wrap long lines
-p, --raw-grace           print grace time in seconds since epoch
-l, --local-only          do not query NFS filesystems
-Q, --quiet-refuse        do not print error message when NFS server does
                          not respond
-i, --no-autofs           do not query autofs mountpoints
-F, --format=formatname   display quota of a specific format
-f, --filesystem-list     display quota information only for given filesystems
-A, --all-nfs             display quota for all NFS mountpoints
-m, --no-mixed-pathnames  trim leading slashes from NFSv4 mountpoints
    --show-mntpoint       show mount point of the file system in output
    --hide-device         do not show file system device in output
-h, --help                display this help message and exit
-V, --version             display version information and exit
Bugs to: jack@suse.cz
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

quota命令常用选项，如表1所示。

表1 quota命令常用选项的用法

1.4 查看“quotacheck”的选项

[root@localhost ~]# quotacheck -h
Utility for checking and repairing quota files.
quotacheck [-gucbfinvdmMR] [-F <quota-format>] filesystem|-a

-u, --user                check user files
-g, --group               check group files
-c, --create-files        create new quota files
-b, --backup              create backups of old quota files
-f, --force               force check even if quotas are enabled
-i, --interactive         interactive mode
-n, --use-first-dquot     use the first copy of duplicated structure
-v, --verbose             print more information
-d, --debug               print even more messages
-m, --no-remount          do not remount filesystem read-only
-M, --try-remount         try remounting filesystem read-only,
                          continue even if it fails
-R, --exclude-root        exclude root when checking all filesystems
-F, --format=formatname   check quota files of specific format
-a, --all                 check all filesystems
-h, --help                display this message and exit
-V, --version             display version information and exit
Bugs to jack@suse.cz
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

quotacheck命令常用选项，如表2所示。

表2 quotacheck命令常用选项的用法

1.5 查看“edquota”的选项

[root@localhost ~]# edquota -h
edquota: Usage:
	edquota [-rm] [-u] [-F formatname] [-p username] [-f filesystem] username ...
	edquota [-rm] -g [-F formatname] [-p groupname] [-f filesystem] groupname ...
	edquota [-rm] -P [-F formatname] [-p projectname] [-f filesystem] projectname ...
	edquota [-u|g|-P] [-F formatname] [-f filesystem] -t
	edquota [-u|g|-P] [-F formatname] [-f filesystem] -T username|groupname|projectname ...

-u, --user                    edit user data
-g, --group                   edit group data
-P, --project                 edit project data
-r, --remote                  edit remote quota (via RPC)
-m, --no-mixed-pathnames      trim leading slashes from NFSv4 mountpoints
-F, --format=formatname       edit quotas of a specific format
-p, --prototype=name          copy data from a prototype user/group
    --always-resolve          always try to resolve name, even if it is
                              composed only of digits
-f, --filesystem=filesystem   edit data only on a specific filesystem
-t, --edit-period             edit grace period
-T, --edit-times              edit grace time of a user/group
-h, --help                    display this help text and exit
-V, --version                 display version information and exit

Bugs to: jack@suse.cz
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

edquota命令常用选项，如表3所示。

1.6 查看“edquota”的选项

[root@localhost ~]# quotaon -h
quotaon: Usage:
	quotaon [-guPvp] [-F quotaformat] [-x state] -a
	quotaon [-guPvp] [-F quotaformat] [-x state] filesys ...

-a, --all                turn quotas on for all filesystems
-f, --off                turn quotas off
-u, --user               operate on user quotas
-g, --group              operate on group quotas
-P, --project            operate on project quotas
-p, --print-state        print whether quotas are on or off
-x, --xfs-command=cmd    perform XFS quota command
-F, --format=formatname  operate on specific quota format
-v, --verbose            print more messages
-h, --help               display this help text and exit
-V, --version            display version information and exit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

quotaon命令常用选项，如表4所示。

任务2- 磁盘配额的应用

假设现在我们要对jan16 这个用户对/public目录的写入容量进行限制，具体：软限制：10KB 硬限制：20KB ；创建的文件数量软限制：3个 硬限制 5个

2.1 新建用户，设置密码

[root@localhost ~]# useradd jan16
[root@localhost ~]# echo 'jan16' |passwd jan16 --stdin
Changing password for user jan16.
passwd: all authentication tokens updated successfully.   
1
2
3
4

2.2 创建一个2G的逻辑分区，并格式化为ext4文件系统

[root@localhost ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5691659a.
Command (m for help): n
Partition type
   p   primary (0 primary, 0 extended, 4 free)
   e   extended (container for logical partitions)
   
Select (default p): p
Partition number (1-4, default 1): 
First sector (2048-41943039, default 2048): 
Last sector, +sectors or +size{K,M,G,T,P} (2048-41943039, default 41943039): +2G
Created a new partition 1 of type 'Linux' and of size 2 GiB.

Command (m for help): p
Disk /dev/sdb: 20 GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x5691659a
Device     Boot Start     End Sectors Size Id Type
/dev/sdb1        2048 4196351 4194304   2G 83 Linux

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost ~]# mkfs.ext4 /dev/sdb1
mke2fs 1.45.4 (23-Sep-2019)
Creating filesystem with 524288 4k blocks and 131072 inodes
Filesystem UUID: 63795614-6fb9-4dcf-93a2-d14604e42858
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912
Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

2.3 创建挂载目录，并且修改权限777，让其他用户拥有所有权

[root@localhost ~]# mkdir /public
[root@localhost ~]# chmod 777 /public
1
2

2.4 创建文件挂载点，编辑/ect/fstab

[root@localhost ~]# echo "/dev/sdb1  /public   ext4  defaults,usrquota,grpquota  0  0"   >>/etc/fstab 
[root@localhost ~]# mount -a
[root@localhost ~]# cat /etc/fstab 
#
# /etc/fstab
# Created by anaconda on Thu Jun  3 22:25:51 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/cl-root     /                       xfs     defaults        0 0
UUID=ad229ff4-8126-495a-b98f-954230112e1a /boot                   ext4    defaults        1 2
/dev/mapper/cl-swap     swap                    swap    defaults        0 0
/dev/sdb1  /public   ext4  defaults,usrquota,grpquota  0  0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

2.5 查看/dev/sdb1是否开启quota

方法一：

[root@localhost ~]# mount |grep /dev/sdb1
/dev/sdb1 on /public type ext4 (rw,relatime,seclabel,quota,usrquota,grpquota)
1
2

方法二：

[root@localhost ~]# ls /public/
lost+found              //挂载成功
1
2

2.6 使用quotacheck命令生成配置磁盘配置的数据库文件

• 若selinux开启的话会提示权限不够，通过setenforce 0临时关掉selinux就可以了
• 创建磁盘配额配置文件，命令参数解释如下：

[root@localhost ~]# setenforce 0
[root@localhost ~]# quotacheck -vug /public/  
// -v 显示扫描过程；
// -u 针对扫描情况与目录的使用情况建立aquota.user；
// -g 针对用户扫描文件与使用情况建立aquota.group；
quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown.
quotacheck: Scanning /dev/sdb1 [/public] done
quotacheck: Checked 3 directories and 2 files
1
2
3
4
5
6
7
8

2.7 配置jan16用户使用/dev/sdb1分区的限额

[root@localhost ~]# edquota -u jan16
Disk quotas for user jan16 (uid 2223):
Filesystem   blocks    soft       hard     inodes     soft     hard
/dev/sdb1     20         10         20          5        3        5

# 输入上面的命令后，会进入一个vi编辑界面
# 对其中各字段解释如下：
# Filesystem下显示实现磁盘配额的分区；
# blocks下为当前已经使用的大小，不用修改；
# soft为软限制，超出后会给出警告，超出的部分默认会保存7天；
# hard为硬限制，不可超越的限制（软硬限制默认单位都是KB）；
# 后面的两个相同的soft、hard分别表示分区中这个用户可以创建的文件数目软硬限制；
# 本实验中设置，jan16可以使用/dev/sdb1分区的软限制大小10KB，硬限制20KB，可创建的文件个数软限制是3个，硬限制5个；
1
2
3
4
5
6
7
8
9
10
11
12
13

2.8 开启这个分区的磁盘配额

[root@localhost ~]# quotaon /public
1

任务3- 实验测试

3.1 切换用户jan16，并进入目录/public

[root@localhost ~]# su - jan16
[jan16@localhost ~]$ cd /public
1
2

3.2 使用dd命令进行文件写入测试

[jan16@localhost public]$ dd if=/dev/zero of=/public/testfile1 bs=1K count=12
sdb1: warning, user block quota exceeded.
12+0 records in
12+0 records out
12288 bytes (12 kB, 12 KiB) copied, 0.000130243 s, 94.3 MB/s
[jan16@localhost public]$ dd if=/dev/zero of=/public/testfile3 bs=1K count=12
sdb1: write failed, user block limit reached.
dd: error writing '/public/testfile3': Disk quota exceeded
9+0 records in
8+0 records out
8192 bytes (8.2 kB, 8.0 KiB) copied, 0.00023131 s, 35.4 MB/s
 
#使用dd命令进行文件写入测试，
dd if=/dev/zero of=/public/testfile1 bs=1K count=12
其中，if=/dev/zero 表示从"/dev/zero"文件输出，of=/public/testfile1 表示输入到"/public/testfile1"文件中，也就是，从/dev/zero这个文件中读取垃圾数据写入/public/testfile1这个文件中； bs=1K 表示一次读取写入的大小是1KB，count=12 表示读取12次；所以理论上最后写入/sdb1/testfile1的数据应该是12KB
dd if=/dev/zero of=/public/testfile3 bs=1K count=12
因为针对jan16用户在这个分区的软限制设置是10KB，所以这里给出了警告信息。而第二次又出现了一个警告，并且下方显示只有8K的数据被复制，这是因为我们设置的硬限制是20KB。因为第一个文件已经占用了12KB的数据，第二个文件仅可以写入了8KB的数据，硬限制是不能被超越的，而软限制10KB是可以被超越的，超越的数据，会在这个分区中默认保存7天，然后系统将自动删除这些数据。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

3.3 测试文件数量限制

[jan16@localhost public]$ touch file1
[jan16@localhost public]$ touch file2
[jan16@localhost public]$ touch file3
[jan16@localhost public]$ touch file4
sdb1: warning, user file quota exceeded.
[jan16@localhost public]$ touch file5
[jan16@localhost public]$ touch file6
sdb1: write failed, user file limit reached.
touch: cannot touch 'file6': Disk quota exceeded
1
2
3
4
5
6
7
8
9

3.4 查看当前用户的磁盘配额使用情况

[jan16@localhost public]$ quota -vugs
Disk quotas for user jan16 (uid 2223): 
Filesystem   space   quota   limit   grace   files   quota   limit   grace
 /dev/sdb1      0K     10K     20K               5*      3       5   6days
Disk quotas for group jan16 (gid 2224): 
Filesystem   space   quota   limit   grace   files   quota   limit   grace
/dev/sdb1      0K      0K      0K               5       0       0     
1
2
3
4
5
6
7

3.5 关闭磁盘配额
（1）关闭单个磁盘的磁盘配额

[root@localhost ~]# quotaoff /public
1

（2）关闭所有已经开启的磁盘配额

[root@localhost ~]# quotaoff -auvg
/dev/sdb1 [/public]: group quotas turned off
/dev/sdb1 [/public]: user quotas turned off
1
2
3

（3）开启所有磁盘配额

[root@localhost ~]# quotaon -auvg
/dev/sdb1 [/public]: group quotas turned on
/dev/sdb1 [/public]: user quotas turned on
1
2
3

---

制作成员： 杨佳佳
排版： 裕新
初审： 何嘉愉
复审： 二月二

---

点击下方“正月十六工作室”查看更多学习资源

正月十六工作室