Hi,

In my package i activate suspend at limit.
Now I see there are a few customers over his limit but no suspending.

Is it possible to let this block automaticly?

Maybe an option to build in: a customer can`t use mre diskspace than add to his account?
Now I have a customer who buy 40 MB diskspace and use 200!
(and not suspending)

Hello,

Bandwidth is the only thing that justifies suspension as it's something that cannot be decreased. If DA was to suspend based on disk quotas, then the user wouldn't be able to login to remove the items. You should have been notified about the over usage, so manual suspension should work. Comments on this functionality are welcome if anyone has suggestions.

John

Originally posted by DirectAdmin Support
Bandwidth is the only thing that justifies suspension as it's something that cannot be decreased. If DA was to suspend based on disk quotas, then the user wouldn't be able to login to remove the items. You should have been notified about the over usage, so manual suspension should work. Comments on this functionality are welcome if anyone has suggestions.

Disk space shouldn't need suspension.... they should be limited in all aspects anyway - ftp, mysql, filemanager and the users directory itself should all be locked to a maximum quota - moment they hit that nothing should be able to be done...

With an unnamed other panel FTP gives errors, file manager wont upload and any attempt to write to MySQL (therefore using extra space) corrupts the table and disallows any further writing - doesnt purposely corrupt the table - its just happens when attempting to write to a table.

The downside to that is you have to log into mysql and use the FIX command - Only takes 2 seconds however can be annoying.

Besides that I think thats the best way :)

Chris

I don't think MySQL data will be affected because it is created and stored by MySQL daemon running under 'mysql' user and consequently is not counted as user's data.

On that note, is there a way to limit database size for users?

Hello,

Anything that is run as the username while writing will be blocked when the quoat limit is hit. The include ftp, filemanager, email if it's on the same partition, cgi's or anything else that is run under that user ID.

If anyone knows if mysql does have a disk space limiting feature, do tell :)

John

Hi John,

if that can be build in it would be great!
Now an user can use more, but doesent pay for it.

Agreed. That's why emails notifications are sent out right now. Admins/Resellers always have the power to click "suspend" if Users don't cough up the cash :)

John

The problem is not to get a payment.
The problem is that an user can use the diskspace as mutch as he wants.
It doesent block after 40 mb as axample.
A customer buy 40 MB diskspace but he upload: 120 MB, no problem it doesent stop.

Hello,

If the system quotas are enabled and working correctly, then he'll only be able to upload 40 meg of data.

Type:

quota -v username

to see how much he's using of his quota. The only things that will let him go over are mysql databases, and emails if they are on a different partition than the quotas. Anything he uploads with ftp or the filemanager will be blocked when he hits his limit, *if* the system quotas are working correctly.

John

Hello,

I mentioned quota problems somewhere, but didn't get a resolution yet.

Could you please elaborate on how to set up DA to manage quotas on FreeBSD once the kernel is recompiled and /etc/rc.conf, /etc/fstab files are configured?

Thank you.

Hello,

Once you have everything ready to be used with quotas, then just reboot (or remount the partitins) so that the quotas are loaded up, then you need to create the quota files:



/usr/sbin/quotaoff -a
/sbin/quotacheck -avug
/usr/sbin/quotaon -a


John

Thank you for your reply, but that didn't help :)

I naturally rebooted the system for the new kernel to take effect, that means quotacheck was performed during the boot process.

"quota -v username" shows current usage, but the limit is not set:


[root@/tmp webcart]# quota -v redguitars
Disk quotas for user redguitars (uid 1009):
Filesystem usage quota limit grace files quota limit grace
/ 0 0 0 0 0 0
/usr 4790 0 0 777 0 0

Hello,

Then you need to resave the users settings in DA:

Reseller Panel -> List / Modify Users -> username -> modify user username's data -> "Save".

John

Thanks, but I actually tried that too before posting.

I also did it through Admin, not as reseller (admin->Show All user->username->Modify user) and it didn't help either.

Just an idea: does DA set quotas for all partitions or for a specific one? If later, where can I define it?

I recall disk partitioning discussions where you advised to have only 1 partition. Is it possible that DA only tries to set quotas for / partition?

Thank you.

Hello,

If you only have 1 partition, then your life will become much simpler. The quota partition should be defined in:

/usr/local/directadmin/conf/directadmin.conf

quota_partition=/

If nothing is set, it will default to /home. You can see what's currently setup by typing:

/usr/local/directadmin/directadmin c | grep quota_partitionJohn

Thank you for your reply, but I am not looking for easier ways :)

I actually saw FreeBSD system shutting down because of that. Since then I make sure that at the very least /var and /tmp do not reside on root partition.

Anyway, here is a list of my partitions (/home is just symb. link to /usr/home):


[root@/usr/local/directadmin/conf webcart]# mount
/dev/ad0s1a on / (ufs, local, with quotas)
/dev/ad1s1e on /export (ufs, local, soft-updates)
/dev/ad0s1e on /tmp (ufs, local, soft-updates)
/dev/ad0s1g on /usr (ufs, local, with quotas, soft-updates)
/dev/ad0s1f on /var (ufs, local, soft-updates)
procfs on /proc (procfs, local)
linprocfs on /usr/compat/linux/proc (linprocfs, local)
[root@/usr/local/directadmin/conf webcart]#
[root@/usr/local/directadmin/conf webcart]# /usr/local/directadmin/directadmin c | grep quota_partition
quota_partition=/usr
[root@/usr/local/directadmin/conf webcart]#


I changed quota_partition from / to /usr (as you can see above) and resaved user settings, but it still doesn't work.

Hello,

what does "repquota -a" return? Have you re-saved the user settings so it sets up the limits? If you want to manually test what DA is doing, here is what it runs to setup a quota limit on FreeBSD:

/usr/sbin/edquota -e /usr:1234:1234:0:0 bobSee if that does anything to setup a limit.

John

Thank you for your reply.



[root@/usr/local/directadmin/conf webcart]# edquota -e /usr:1234:1234:0:0 redguitars
[root@/usr/local/directadmin/conf webcart]# quota -v redguitars
Disk quotas for user redguitars (uid 1009):
Filesystem usage quota limit grace files quota limit grace
/ 0 0 0 0 0 0
/usr 5856* 1234 1234 7days 819 0 0


so edquota seems to work just fine.

"repquota -a" returns a list of users (which I wont post here for obvious reasons) where "used" column has non-zero numbers while soft/hard limit columns have zero for all users but redguitars.

I then modified redguitars user via DA, changing disk space and it still reflects the old quota (1234).

so modifying the user through DA isn't setting up the quotas correctly, but doing it manually is?

John

Originally posted by DirectAdmin Support
so modifying the user through DA isn't setting up the quotas correctly, but doing it manually is?

John

That's right.
I also created a new user and checked /var/log/directadmin/system.log and /var/log/directadmin/error.log in the hope to get some hints. Nothing.
Is it possible to turn on debug mode or soemthing to get output from external commands execution logged?

Thank you.

Hmm... here are the "quota -v steve" commands I'm doing before and after I change the Disk Space limit from 10 to 12 meg through the "modify user" part of the panel:

[root@user]# quota -v steve
Disk quotas for user steve (uid 514):
Filesystem blocks quota limit grace files quota limit grace
/dev/hda6 0 0 0 0 0 0
/dev/hda3 1520 10240 10240 27 0 0
[root@user]# quota -v steve
Disk quotas for user steve (uid 514):
Filesystem blocks quota limit grace files quota limit grace
/dev/hda6 0 0 0 0 0 0
/dev/hda3 1520 12288 12288 27 0 0
What is his limit set to?

John

Here are results of quota -v username before and after modifying Disk Space Limit on my end:


[root@~ webcart]# quota -v redguitars
Disk quotas for user redguitars (uid 1009):
Filesystem usage quota limit grace files quota limit grace
/ 0 0 0 0 0 0
/usr 146 0 0 36 0 0
[root@~ webcart]# quota -v redguitars
Disk quotas for user redguitars (uid 1009):
Filesystem usage quota limit grace files quota limit grace
/ 0 0 0 0 0 0
/usr 146 0 0 36 0 0
[root@~ webcart]#
[root@~ webcart]# /usr/local/directadmin/directadmin c | grep quota
quota_partition=/usr
[root@~ webcart]#


It looks like edquota is not executed at all.

The limit which I set via DA is between 99 and 102.
I always set it to a different number before resaving because I don't know whether you compare the old value and the new one before executing external commands ;)

Hmm.. just to check, your edquota binary is at: /usr/sbin/edquota ?

Of course :)
It's a fresh install of FreeBSD 4.9 about 2 weeks old. I didn't change much.


[root@/home webcart]# /usr/sbin/edquota
usage: edquota [-u] [-f fspath] [-p username] username ...
edquota [-u] -e fspath[:bslim[:bhlim[:islim[:ihlim]]]] [-e ...]
username ...
edquota -g [-f fspath] [-p groupname] groupname ...
edquota -g -e fspath[:bslim[:bhlim[:islim[:ihlim]]]] [-e ...]
groupname ...
edquota [-u] -t [-f fspath]
edquota -g -t [-f fspath]
[root@/home webcart]#

Hmm... there arn't any debug methods that keep track of whats being run, but what can be done is the temporary replacement of the edquota program...



mv /usr/sbin/edquota /usr/sbin/edquota.orig
vi /usr/sbin/edquota
#make it look like:

#!/bin/sh

echo "$1 $2" >> /tmp/edquota.txt

exit 0;Then chmod it to 755 and try it again. Check the /tmp/edquota.txt for any output. Also check the file for the owner in case it's being run by an unprivileged user. (I'll check the code)

John

Catch ya :)
Looks like a missing username:


[root@/home webcart]# cat /tmp/edquota.txt
-e /usr:102400:102400:0:0
[root@/home webcart]#

On the second thought, it's permission issue :)

/usr/sbin/edquota should look like


#!/bin/sh

#echo "$1 $2" >> /tmp/edquota.txt

echo "$*" > /tmp/edquota.txt

exit 0;


and then it shows up the correct line:


[root@/home webcart]# cat /tmp/edquota.txt
-e /usr:103424:103424:0:0 redguitars
[root@/home webcart]#
[root@/home webcart]# ls -la /tmp/edquota.txt
-rw-r--r-- 1 nobody wheel 37 Feb 13 12:16 /tmp/edquota.txt
[root@/home webcart]#

but the file is owned by nobody.

Hello,

Alright. I'll have a look in the code. I think it's some differences between the systems.. It shouldn't be working anywhere as "nobody", but it is, possibly due to the actual user ID vs. the effective user ID.. freebsd probably uses the effective (which is nobody), while RedHat might use the actual (just the method DA uses to flip privileges for some functions). weird. Oh well. Should be available for the next release then (I'll probably get it out soon).

John

Disk quotas for user psgfotos (uid 575):
Filesystem blocks quota limit grace files quota limit grace
/dev/hdc1 3672 30720 30720 536 0 0
but DA told 3.52 MB in use :(

any tips?

Originally posted by deltaned
Disk quotas for user psgfotos (uid 575):
Filesystem blocks quota limit grace files quota limit grace
/dev/hdc1 3672 30720 30720 536 0 0
but DA told 3.52 MB in use :(

any tips?

This is not official answer, but I don't see here any problem.
3672 in "blocks", 1K each means 3672/1024=3.59MB, which is a little more than 3.52MB. Please also note that quote shows number of allocated blocks used by files while DA (I would guess) shows the sum of file sizes. This explains the slight difference (3.59 vs. 3.52).

Originally posted by DirectAdmin Support
Hello,

Alright. I'll have a look in the code. I think it's some differences between the systems.. It shouldn't be working anywhere as "nobody", but it is, possibly due to the actual user ID vs. the effective user ID.. freebsd probably uses the effective (which is nobody), while RedHat might use the actual (just the method DA uses to flip privileges for some functions). weird. Oh well. Should be available for the next release then (I'll probably get it out soon).

John

I am not exactly sure what you mean by that because once a program runs with effective user ID other than root, the only way to spawn process under different user ID should be with set user ID bit. Anything else would constitute security issue.

I initially thought that you might have a parent DA process run as root while child processes run as nobody and use IPC to execute priveleges commands by the parent process, but a list of directadmin processes shows that they all run as nobody.

Hello,

Hmm.. well I found that it wasn't setting the effective userid back to 0, so the next release the userid and effective user id will both be zero when the exec is done. Redhat doesn't seem to have a problem with it (although, one would think it should). The actually processes are just using the euid as nobody, but for required circumstances the privileges are completely dropped to prevent anything from happening (ie anything done by the user/filemanager, and also chrooted)

John