This tutorial explains how to configure disk quota in Linux step by step with practical examples. Learn basic concepts of disk quota (Soft limit, Hard limit, Grace period, Block Size and Inode Number) and Linux disk quota management commands (quotacheck, edquota, quota, repquota, quotaoff and quotaon) in detail.
Basic concepts of disk quota
If you are the only person who uses the disk, there is no need to implement quota at all. But if there are multiple users who use the same disk, quotas are the best ways to control the individual users from monopolizing entire disk space. A user limited by disk quotas cannot use additional disk space beyond his limit. For example suppose there are four users; user a, user b, user c and user d. Without quota any user can use entire disk space, leaving no space for other users. This situation is very common in shared environment such as web hosting, ISPs, file server, ftp server etc. But if disk quota is enabled, no user can use disk space beyond his limit.
LAB Setup for disk quota practice
Although we can use a regular partition for practice, but if possible I suggest you to use a separate disk and create partition in that disk. If linux is installed in virtual system, you can add an additional disk for practice. If linux is installed in physical system, you can use a USB stick for practice.
To learn how to add an additional disk in system and create partitions in that disk see the following tutorial
which explains this process step by step with examples.
Manage Linux disk partition with Fdisk command
For this tutorial, I assume that you have a separate partition or a partition which does not contain any important user data.
During this practice we will execute commands which will overwrite exiting data with null characters. So make sure the partition you are going to use for practice does not contain any important user data.
We also need some user accounts and one group account to simulate the shared environment. Let’s create four user accounts for practice.
Create a group quotatest and add user c and user d in that group.
Quota functionality is provided by quota package. To check whether this package is installed or not, use following commands
#rpm –qa quota
or
#yum list quota
For this tutorial, I assume that quota package is installed.
To learn, how to install a package use following tutorials which explain how to install and manage packages in linux step by step.
How to configure yum Repository in Linux
RPM command in Linux Explained
That’s all setup we need for disk quota practice. Before we learn how to configure disk quota practically, let’s understand two terms associated with disk quota.
Block Size and Inode Number
We can configure disk quotas for individual user or group based on block size or inode number. A file has two types of data; user data and metadata. The user data is the data which we create in file. The metadata is the data which system creates for file. Metadata includes important information about file such as file type, attributes, permission, UID, GID, file size, last access, last modification, location of file in hard disk etc. Metadata is stored in inode table. Each file stored in disk has its unique entry in inode table that is used to store the metadata information about that file.
If we want to control the size of files, we would configure the quota based on block size. If we want to control the number of files, we would configure the quota based on inode number. To control both, we would configure quota based on both block size and inode number.
It is highly recommended to configure quota based on both block size and inode number. If we skip any one method, a malicious user may use that method to abuse the system. Let’s understand it with some examples.
Situation 1 (Quota is configured only based on block size)
1GB quota is configured based on block size for user a. Since quota for inode number is not configured, user can create files until entire 1GB space is not filled up. To abuse this system user can create relatively small size files. For example if he keeps file size only 1Kb, he can create 1000000 files (1 GB = 1000000Kb). 1000000 files means, 1000000 entries in inode table. This way only with 1GB space a user can make inode table unstable.
Situation 2 (Quota is configured only based on inode table)
100 inode numbers are configured as inode quota for user a. Since quota for block size is not configured, user can create 100 files (no matter how big or small in size they are). To abuse this system, user can create large size files. For example he can create a file of 1Tb in size. Yep, you read it right. Linux supports very big size files. For instance ext4 file system supports 16Tib individual file size. It means if disk is formatted with ext4 file system, we can create a single file of 16TiB in size. This way only 1 inode number is sufficient to fill up the entire disk space.
Situation 3 (Quota is configured on both block size and inode number)
1GB block size and 100 inode numbers are configured as quotas for user a. Since both block size and inode numbers are configured, user cannot abuse this system. No matter how small files in size he creates, he is not allowed to create more than 100 files. Just like this, no matter how big file in size he creates, he is not allowed to use more than 1GB disk space. As soon as 100 files are created, inode quota will block him from creating new file. Same way as soon as 1 GB space is consumed, block size quota will block him from using additional disk space. This way, if both block size and inode numbers are configured, user will not able to cheat the system.
How to configure the disk quota
Disk quota can be configured in four steps
- Enable quota
- Remount file system
- Create quota files
- Configure quota policy
Let’s understand each step in details
Enabling quota
Linux uses /etc/fstab configuration file to mount all partitions in file system at boot time. This file contains all necessary information about the partition such as partition location at disk, mount point, attributes and other control options which are required to mount a partition. Each entry in this file has six fields.
| Number | Filed | Description |
| 1 | What to mount | Device which we want to mount. We can use device name, UUID and label in this filed to represent the device. |
| 2 | Where to mount | The directory in main Linux File System where we want to mount the device. |
| 3 | File system | File system type of device. |
| 4 | Options | Mount options which control the mount process. To enable user quota add usrquota option and to enable group quota add grpquota option. |
| 5 | Dump support | To enable the dump on this device use 1. Use 0 to disable the dump. |
| 6 | Automatic check | Whether this device should be checked while mounting or not. To disable use 0, to enable use 1 (for root partition) or 2 (for all partitions except root partition). |
In order to enable user quota, we have to add usrquota option in fourth field. Just like it, to enable group quota, we have to add grpquota option in fourth field. Let’s enable both quotas for partition /dev/sdb1.
Following figure illustrates updated /etc/fstab file
Any changes made in /etc/fstab file will not apply until next time system reboots. This is also applies on the disk quota options which we have recently added in this file. We have two choices here; either restart the system or remount the associated partition. Wherever possible we should always choose the first option. But in several situations immediate restart is not possible. In that case we can use second option.
Remounting file system
If partition is not used by any process, we can remount it with following command.
#mount –o remount [partition]
Following figure illustrate this operation
If partition is remounted without any error or warning, use mount | grep [partition] command to confirm that quota options are successfully applied.
Some common reasons which trigger errors here are typing mistake in fstab file, mount point unavailable, file system is not formatted and wrong partition is selected. If there is any error, correct that before moving in next step.
Creating quota files
In third step we will run following command.
#quotacheck –cug [partition where quota is enabled]
This command will create necessary files for quota. Let’s understand this command in detail.
quotacheck :- This command is used to check the quota implementation in partition.
c :- This option is used to create the quota files in specified partition.
u :- This option is used to check the user quota.
g :- This option is used to check the group quota.
Basically this command will check quota entries in specified partition. If aquota.user and aquota.group files are not available in specified partition, it will create them.
We need to run above command only once for each partition where we want to configure the disk quota.
Once necessary files are created, following command is used to sync the disk quota database table with current disk usages.
# quotacheck -avug
In this command
a :- This option is used to check all quota enabled partitions
v :- This option is used to print real time updates as command proceeds
u :- This option is used to check user disk quota information
g :- This option is used to check group disk quota information
aquota.user and aquota.group files are used to store quota configuration values for user and group respectively. Quota database keeps track of disk usage. How much space is allowed to a particular user is configured in aquota.user file while how much space has been used by that user is tracked in quota database table. aquota.user and aquota.group both are binary files which mean we cannot read or write them directly.
Configuring quota policies
To configure quota policies, we have to define three values; soft limit, hard limit and grace period.
Soft limit: - This limit is flexible. User or group is allowed to cross this limit temporary.
Hard limit: - This is fixed limit. User or group is not allowed to cross this limit.
Grace period: - This is the time period in which user or group is allowed to use additional space beyond the soft limit.
To understand quota policies practically, let's create some dummy requirements.
| User /Group | Block Size Soft Limit | Block Size Hard Limit | Grace period | Inode Soft Limit | Inode Hard limit | Grace period |
| a | 100Mb | 200Mb | 2 Minutes | 10 | 10 | Nil |
| b | 200Mb | 200Mb | Nil | 10 | 20 | 5 hours |
| quotatest | 1000Mb | 1500Mb | 1 Day | 100 | 150 | 5 days |
Nil: - If both soft limit and hard limit are same, there is no need to configure this value.
To configure quota edqota command is used. To configure quota for user a use following command
#edquota a
Above command will open user quota configuration file.
This file has seven columns
| Column | Name | Description |
| 1 | Filesystem | Partition where this quota will apply |
| 2 | blocks | Number of blocks currently used by this user |
| 3 | soft | Soft block size limit for user |
| 4 | hard | Hard block size limit for user |
| 5 | inodes | Number of inodes currently used by this user |
| 6 | soft | Soft inodes limit for user |
| 7 | hard | hard inodes limit for user |
Let’s update this file
Default block size is 1Kb. (1block = 1Kb).
Following same way, configure the quota limit for user b
Group quota is also defined in same manner. By default edquota command is used to set quota for users. To set quota for group we have to use –g option with this command. Let’s define group quota for group quotatest.
By default grace period is set to seven days. It means user or group will be able to use resources (block size or inodes after soft limit) till seven days. After seven days they will be denied to use any additional resources. We can adjust grace period as per our requirement.
To set grace period for user, use following command
edquota -T [username]
To set grace period for group, use following command
edquota -T -g [groupname]
To adjust global grace period, use following command
edquota -T
Following figure illustrates default configuration file.
To define quota time period valid time units are days, hours, minutes and seconds.
Let’s configure grace period for user a
Following same way configure grace period for user b
Configure grace period for group quotatest
Never put space between value and unit for example “5 days” will be wrong entry, correct entry will be “5days”. A space between value and unit or undefined value will generate edquota cannot read individual grace time from file error message.
Finally enable quota with following command
Testing disk quota
To verify disk quota setup, we can use following commands.
| Command | Description |
| quota [user name] | To view quota uses by user |
| quota –g [group name] | To view quota uses by group |
| repquota –a | To view quota uses by all users and groups |
System cannot generate quota reports, until user or group use the resources. If users or groups haven’t used any block size or inode number, we will get following message.
Disk quotas for user [name] uid : none
Above message indicates that particular user or group has not used any quota resources (block size or inode) to display.
Let’s create three directories and make user a, user b and group quotatest owner of them respectively.
Quota configuration testing from user a
User a is allowed 100Mb disk space. He is also allowed to use additional 100Mb space for 2 minutes. He can create maximum 10 files or directories in this space.
To test this configuration switch to user a and change directory to /rchelab.
Now list the content and switch to user-a directory and create 5 directories and 4 files
If files or directories name are supplied in {} bracket, they will be processed individually. The {} brackets is used to create multiple files or directories with single command.
As per our setup user a is allowed maximum 10 indoes and as above output shows, he has been used all allowed indoes. So he should not be able to create any new file or directory now. Let’s test this restriction
As we can see in above output user a is not allowed to create any additional file or directory beyond his limit (10 inodes). This restriction confirms that our inodes quota configuration is properly setup and working as expected.
Now we will test block size configuration. Block size configuration has two limits; soft 100Mb and hard 200Mb. Soft limit can be extended for two minutes. Let’s create a dummy data file to utilize all space defined in soft limit.
I used dd command to copy the 95Mb null bytes in f1 file.
As we can see in above output user a is allowed to add any length of data in file until he remains under the soft limit. Before we test the soft limit and grace period, open an another terminal and check the current uses of user a
As we can see in above output user a has been used all allowed inodes. So far block size is concerned, he still has 2629 blocks (100000 - 97304) available under his soft limit.
Did you notice there is no value listed in grace period field while we configured this value also?
Grace period is just like a timer which will start only when soft limit is crossed and user still has 2629 blocks in his soft limit. To see it practically, let’s cross the soft limit
As we can see in above output as soon as user crossed the soft limit, grace period timer started. User is allowed to use additional space until this timer keeps running. Once timer is stopped he will be dined from using any additional space. Right now user still has 51496 (200000-148504) blocks available, before it reaches to hard limit. Let’s use additional 10Mb space.
As we can see in above output grace period timer is running and hard limit is not crossed, so additional 10Mb space is allowed. Now let the grace period expire and try to use additional 10Mb space from remaining space.
As we can see in above output user is not allowed to use additional space even he has 41256 (200000-158744) blocks available. To use this remaining 41256 blocks he also needs time in grace period which is already expired.
Key points
- If soft limit and hard limit are same, grace period is not required.
- If soft limit and hard limit are different, grace period is required.
- Soft limit must be configured lower than hard limit.
- As soon as user crosses his soft limit grace period timer starts.
- User is allowed to use additional space (hard limit – soft limit) until grace period timer is running.
- Once grace period is expired, user is not allowed to use additional space.
- Grace period timer will be removed automatically once user brings his consumption below the soft limit.
Quota configuration testing from user b
User b is allowed 200Mb block size and 20 indoes with soft limit 10 inodes and 5 hours grace period. Since both soft and hard limits are same for block size, grace period is not configured.
We can test this setup with following steps.
Block size testing
Switch to user b and change directory to /rhcelab/user-b.
Create a file of 195Mb in size with following command
#dd if=/dev/zero of=/rhcelab/user-b/file1 count=195 bs=1M
Exit from user b and verify block size quota uses with following command
#quota b
Switch to user b again and try to create a file 10Mb in size with following command
#dd if=/dev/zero of=/rhcelab/user-b/file2 count=10 bs=1M
If this time user is denied, block size quota configuration is setup correctly. If user is allowed to create this file, block size quota configuration is not setup properly.
Inodes number testing
Switch to user b and change directory to /rhcelab/user-b
Create 10 directories with following command
#mkdir {d1,d2,d2,d4,d5,d6,d7,d8}
Exit from user b and verify inodes quota uses with following command
#quota b
Switch to user b again and try to create one more directory with following command
#mkdir d9
User should be allowed to create directory but this time he should get disk quota exceeds warning message.
Exit from user b and check inodes number quota again
#quota b
If grace period timer for inode number is started, inodes quota is setup correctly.
I have already explained all commands used in above steps while testing with user a. If require, you can use them for reference.
Quota configuration testing from group quotatest
The group quotatest has soft limit 1000Mb and hard limit 1500Mb with grace period of 1 day for block size. For inodes it has soft limit of 100 inodes and hard limit of 150 inodes with 5 days grace period.
Before you start testing from group, make sure that user c and d are the members of group and group has proper permission on testing folder.
Switch to user c and create a file (800Mb in size) and a directory. In directory creates 80 empty files with following command.
#touch test_{1..80}.txt
Verify files and directories with ls command.
Exit from user c and verify quota limit.
Now login from user d and create a file 400Mb in size to cross the soft limit of block size. To cross the soft limit of indoes create 30 empty directories. As soon as user would cross the soft limit, he should get warning message for related quota limit.
Exit from user d and view the quota uses for group. Grace period timer should be started for both limits.
Above output confirms that grace period for group quota is also configured successfully.
Important commands for quota management
| Command | Description |
| quotacheck | This command is used to check quota implementation and update quota database from file system. This command is also used to create aquota.user and aquota.group files, if they are not created manually. |
| edquota | This command is used to configure quota values for user and group. |
| quota | This command is used to view the quota uses for specific user or group. |
| repquota | This command is used to view the quota uses for all users and group. |
| quotaoff | This command is used to turnoff quota temporary. |
| quotaon | This command is used to enable quota again if it is disabled. |
In this tutorial we learned common file system disk management step by step with examples. Usually this process should work on maximum file systems; however some file systems such as xfs have their own quota management tools. So if this approach does not work as expected, please check the manual page of corresponding file system to figure out, how that particular file system works with disk quota.
That’s all for this tutorial. In next tutorial I will explain another linux topic in details with examples.
