问题
Since I have been told that if a user in my computer will create "infinite" number of folders / files (even empty) it can cause my computer to become much much slower (even stuck), I want to limit the maximum number of files/directories that user can create.
I'm afraid that one user will try to create a huge number of files and it will become a problem for all the other users, so it will be a security issue, How do I do that, how do I limit the max number of files/directories each user can create?
回答1:
This is what quotas are designed for. You can use file system quotas to enforce limits, per user and/or per group for:
- the amount of disk size space that can be used
- the number of blocks that can be used
- the number of inodes that can be created.
The number of inodes will essentially limit the number of files and directories a user can create.
There is extensive, very good quality documentation about how to configure file system quotas in many sources, which I suggest you read further:
- https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/ch-disk-quotas.html
- https://wiki.archlinux.org/index.php/disk_quota
- http://www.ibm.com/developerworks/library/l-lpic1-v3-104-4/
- http://www.firewall.cx/linux-knowledgebase-tutorials/linux-administration/838-linux-file-system-quotas.html
回答2:
You should first enable quota check on your filesystem
Modify the /etc/fstab, and add the keyword usrquota and grpquota to the corresponding filesystem that you would like to monitor.
The following example indicates that both user and group quota check is enabled on /home filesystem
# cat /etc/fstab
LABEL=/home /home ext2 defaults,usrquota,grpquota 1 2
reboot after this is done.
Once you’ve enabled disk quota check on the filesystem, collect all quota information initially as shown below.
# quotacheck -avug
quotacheck: Scanning /dev/sda3 [/home] done
quotacheck: Checked 5182 directories and 31566 files
quotacheck: Old file not found.
quotacheck: Old file not found.
Now, use the edquota command as shown below, to edit the quota information for a specific user.
For example, to change the disk quota for user ‘ramesh’, use edquota command, which will open the soft, hard limit values in an editor as shown below.
# edquota ramesh
Disk quotas for user ramesh (uid 500):
Filesystem blocks soft hard inodes soft hard
/dev/sda3 1419352 0 0 1686 0 0
Hard limit – if you specify 2GB as hard limit, user will not be able to create new files after 2GB
Soft limit – if you specify 1GB as soft limit, user will get a warning message “disk quota exceeded”, once they reach 1GB limit. But, they’ll still be able to create new files until they reach the hard limit
Lastly, if you would like a report each day on a users quota you can do the following.
Add the quotacheck to the daily cron job. Create a quotacheck file as shown below under the /etc/cron.daily directory, that will run the quotacheck command everyday. This will send the output of the quotacheck command to root email address.
# cat /etc/cron.daily/quotacheck
quotacheck -avug
来源:https://stackoverflow.com/questions/36894860/how-can-i-limit-the-max-numbers-of-folders-that-user-can-create-in-linux