FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 01-07-2010, 12:29 AM
Marc Aymerich
 
Default How to set only delete permision in a directory and theirs subdirectories.

Hi all!
I can't use kernel quota module and I would like*implement a substitute for*it.*My idea is run*a 'du' every night*that*it counts the amount of disk space that every user*has*in*his own home. The matter is, how can I prevent users from*using more disk space than the*allowed by their quota?.



In the first place I thought of remounting*their*home with 'ro' option, but that isn't a good idea because the user*wouldn't*able*to clean his home directory in order to recover write permission. Then, my question is:



There are any mechanism that I can use for forbid writes but allow deletes? Maybe with ACLs? Maybe with /etc/security/limits.conf? I don't know

Thanks for thinking about it!!
Marc

PD: If you can't resist the temptation of asking why I can't use quota module. The answer is because the home partition is mounted from a iSCSI device inside a openVz container. And the quota support for this scenario isn't implemented yet .**
 
Old 01-07-2010, 02:10 AM
Marc Aymerich
 
Default How to set only delete permision in a directory and theirs subdirectories.

On Thu, Jan 7, 2010 at 3:53 AM, Alex Samad <alex@samad.com.au> wrote:


On Thu, Jan 07, 2010 at 02:29:25AM +0100, Marc Aymerich wrote:

> Hi all!

>

> I can't use kernel quota module and I would like implement a substitute

> for it. My idea is run a 'du' every night that it counts the amount of disk

> space that every user has in his own home. The matter is, how can I prevent

> users from using more disk space than the allowed by their quota?.

>

> In the first place I thought of remounting their home with 'ro' option, but

> that isn't a good idea because the user wouldn't able to clean his home

> directory in order to recover write permission. Then, my question is:

>

> There are any mechanism that I can use for forbid writes but allow deletes?

> Maybe with ACLs? Maybe with /etc/security/limits.conf? I don't know



use LVM and maker LV equal to the max size allocated to the user, then

mount the partition on their home directory.



you then have to make sure they don't leave files in other places like

/tmp or /var/tmp ...



Hi Alex, Thank you for your response!
In my first mail I forgot to say that actually I have more than 700 users in this server. Correct me if I'm wrong (my experience with LVM is a pretty limited), but I think that having 700 partitions may require extensive overhead. What do you think about that?


Thank you!!Marc*


>

> Thanks for thinking about it!!

> Marc

>

> PD: If you can't resist the temptation of asking why I can't use quota

> module. The answer is because the home partition is mounted from a iSCSI

> device inside a openVz container. And the quota support for this scenario

> isn't implemented yet .



--

"You know, one of the hardest parts of my job is to connect Iraq to the war on terror."



* * * *- George W. Bush

09/06/2006

Washington, DC

in an interview on CBS News


-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.10 (GNU/Linux)



iEYEARECAAYFAktFTJoACgkQkZz88chpJ2OQJwCePVCduhMeAk ID65MEROz6muID

nNwAn3sygjxxdTEI3yIUa2nIrfGFhWeK

=QnkJ

-----END PGP SIGNATURE-----
 
Old 01-07-2010, 03:44 AM
Marc Aymerich
 
Default How to set only delete permision in a directory and theirs subdirectories.

On Thu, Jan 7, 2010 at 4:10 AM, Marc Aymerich*<glicerinu@gmail.com>*wrote:
>
>
> On Thu, Jan 7, 2010 at 3:53 AM, Alex Samad*<alex@samad.com.au>*wrote:
>>
>> On Thu, Jan 07, 2010 at 02:29:25AM +0100, Marc Aymerich wrote:
>> > Hi all!
>> >
>> > I can't use kernel quota module and I would like implement a substitute
>> > for it. My idea is run a 'du' every night that it counts the amount of disk
>> > space that every user has in his own home. The matter is, how can I prevent
>> > users from using more disk space than the allowed by their quota?.
>> >
>> > In the first place I thought of remounting their home with 'ro' option, but
>> > that isn't a good idea because the user wouldn't able to clean his home
>> > directory in order to recover write permission. Then, my question is:
>> >
>> > There are any mechanism that I can use for forbid writes but allow deletes?
>> > Maybe with ACLs? Maybe with /etc/security/limits.conf? I don't know
>>
>> use LVM and maker LV equal to the max size allocated to the user, then
>> mount the partition on their home directory.
>>
>> you then have to make sure they don't leave files in other places like
>> /tmp or /var/tmp ...
>>
>
Maybe I create a confusion when I said:
> "In the first place I thought of remounting their home with 'ro' option".
It sounds like I have every user home in separated partitions. I did
expressed myself really badly. Actually I have all homes in one
partition, what I meant is make a bind mount of the directory in the
same directory:
mount --bind /home/user /home/user
and then remount it in read only
mount -o remount,ro /home/user
sounds a bit stupid/complicated but is the only way I found to be able
read-only for a directory without override permissions.

On Thu, Jan 7, 2010 at 5:25 AM, Alex Samad <alex@samad.com.au> wrote:
>
> On Thu, Jan 07, 2010 at 04:10:19AM +0100, Marc Aymerich wrote:
> > On Thu, Jan 7, 2010 at 3:53 AM, Alex Samad <alex@samad.com.au> wrote:
> >
> > > On Thu, Jan 07, 2010 at 02:29:25AM +0100, Marc Aymerich wrote:
> > > > Hi all!
>
> [snip]
>
> > > use LVM and maker LV equal to the max size allocated to the user, then
> > > mount the partition on their home directory.
> > >
> > > you then have to make sure they don't leave files in other places like
> > > /tmp or /var/tmp ...
> > >
> > >
> > Hi Alex, Thank you for your response!
> >
> > In my first mail I forgot to say that actually I have more than 700 users in
> > this server. Correct me if I'm wrong (my experience with LVM is a pretty
> > limited), but I think that having 700 partitions may require extensive
> > overhead. What do you think about that?
> LVM's are pretty efficient from my *understanding, although *700+ lv's
> is way bigger than I have heard. *But it would meet your requirement -
> limit them to the amount of space give them the ability to still there
> files
>
>

I'd have never imagined that LVM can manage so much partitions. I'll
make some tests
thnak you very much!

>
> >
> > Thank you!!
> > Marc
> >
>
> [snip]
>
> > >
>
> --
> "You're probably wondering why somebody who has been in politics is talking about Social Security. After all, it's been called the third rail of American politics. You grab a hold of it, and you get electrified."
>
> * * * *- George W. Bush
> 03/04/2005
> South Bend, IN
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEARECAAYFAktFYigACgkQkZz88chpJ2PNUgCgoGuhyMEvJr rKpAXD3ExyiS+y
> xvAAnimrHsvFoRT5YU7hCtB7FHgoyzte
> =fkIc
> -----END PGP SIGNATURE-----
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 10:28 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org