| |
| Quota subsystem |
| =============== |
| |
| Quota subsystem allows system administrator to set limits on used space and |
| number of used inodes (inode is a filesystem structure which is associated with |
| each file or directory) for users and/or groups. For both used space and number |
| of used inodes there are actually two limits. The first one is called softlimit |
| and the second one hardlimit. A user can never exceed a hardlimit for any |
| resource (unless he has CAP_SYS_RESOURCE capability). User is allowed to exceed |
| softlimit but only for limited period of time. This period is called "grace |
| period" or "grace time". When grace time is over, user is not able to allocate |
| more space/inodes until he frees enough of them to get below softlimit. |
| |
| Quota limits (and amount of grace time) are set independently for each |
| filesystem. |
| |
| For more details about quota design, see the documentation in quota-tools package |
| (http://sourceforge.net/projects/linuxquota). |
| |
| Quota netlink interface |
| ======================= |
| When user exceeds a softlimit, runs out of grace time or reaches hardlimit, |
| quota subsystem traditionally printed a message to the controlling terminal of |
| the process which caused the excess. This method has the disadvantage that |
| when user is using a graphical desktop he usually cannot see the message. |
| Thus quota netlink interface has been designed to pass information about |
| the above events to userspace. There they can be captured by an application |
| and processed accordingly. |
| |
| The interface uses generic netlink framework (see |
| http://lwn.net/Articles/208755/ and http://people.suug.ch/~tgr/libnl/ for more |
| details about this layer). The name of the quota generic netlink interface |
| is "VFS_DQUOT". Definitions of constants below are in <linux/quota.h>. |
| Since the quota netlink protocol is not namespace aware, quota netlink messages |
| are sent only in initial network namespace. |
| |
| Currently, the interface supports only one message type QUOTA_NL_C_WARNING. |
| This command is used to send a notification about any of the above mentioned |
| events. Each message has six attributes. These are (type of the argument is |
| in parentheses): |
| QUOTA_NL_A_QTYPE (u32) |
| - type of quota being exceeded (one of USRQUOTA, GRPQUOTA) |
| QUOTA_NL_A_EXCESS_ID (u64) |
| - UID/GID (depends on quota type) of user / group whose limit |
| is being exceeded. |
| QUOTA_NL_A_CAUSED_ID (u64) |
| - UID of a user who caused the event |
| QUOTA_NL_A_WARNING (u32) |
| - what kind of limit is exceeded: |
| QUOTA_NL_IHARDWARN - inode hardlimit |
| QUOTA_NL_ISOFTLONGWARN - inode softlimit is exceeded longer |
| than given grace period |
| QUOTA_NL_ISOFTWARN - inode softlimit |
| QUOTA_NL_BHARDWARN - space (block) hardlimit |
| QUOTA_NL_BSOFTLONGWARN - space (block) softlimit is exceeded |
| longer than given grace period. |
| QUOTA_NL_BSOFTWARN - space (block) softlimit |
| - four warnings are also defined for the event when user stops |
| exceeding some limit: |
| QUOTA_NL_IHARDBELOW - inode hardlimit |
| QUOTA_NL_ISOFTBELOW - inode softlimit |
| QUOTA_NL_BHARDBELOW - space (block) hardlimit |
| QUOTA_NL_BSOFTBELOW - space (block) softlimit |
| QUOTA_NL_A_DEV_MAJOR (u32) |
| - major number of a device with the affected filesystem |
| QUOTA_NL_A_DEV_MINOR (u32) |
| - minor number of a device with the affected filesystem |
