Advanced User Administration
1.Network Users (NIS, LDAP, Winbind, SMB)
#authconfig-tui (加入nis server) [圖形介面: #system-config-authentication]
Configuration file: /etc/nsswitch.conf
#getent passwd(查users)
2.ACLs(Access Control Lists)
(1) #vi /etc/fstab 加入acl
#mount
---略---
/dev/xvda2 on /home type ext3 (rw,usrquota,acl)
或手動
#mount -o remount,acl /home
檢查是否有套用acl
[root@server118 home]# tune2fs -l /dev/xvda2 |grep options
Default mount options: user_xattr acl
[root@server118 home]#
(2)設定ACLs
#getfacl [file|directory]
#setfacl -m u:frodo:rw /home/public
#setfacl -x u:frodo /home/public
%Automatic ACL setting
#setfacl -m d:u:student:rw /home/public
%public目錄下所建立的檔案或目錄都會自動加上 u:student:rw 的權限
3. Quota System
(1)#vi /etc/fstab 加入userquota
#mount
---略---
/dev/xvda2 on /home type ext3 (rw,usrquota,acl)
#quotacheck -cugm /home
-c: new scan
-u: usr quotas
-g: group quotas
-m: Don’t try to remount filesystem read-only
(2)quotaon, quotoff, edquota
[root@server118 home]# quotaoff /home
[root@server118 home]# su - student
[student@server118 ~]$ quota
quota: Can't open quotafile /home/aquota.user: Permission denied
quota: Quota file not found or has wrong format.
[student@server118 ~]$
[root@server118 home]# quotaon /home
[root@server118 home]# su - student
[student@server118 ~]$ quota
Disk quotas for user student (uid 500):
Filesystem blocks quota limit grace files quota limit grace
/dev/xvda2 192 2048 4096 23 30 40
[student@server118 ~]$
[root@server118 home]# edquota student
Disk quotas for user student (uid 500):
Filesystem blocks soft hard inodes soft hard
/dev/xvda2 192 2048 4096 23 30 40
%套用user的quota設定
#edquota -p user1 user2
EX:
#edquota -p student joe
%establish a grace period
#edquota -t
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
Filesystem Block grace period Inode grace period
/dev/xvda2 7days 7days
(3)reporting quota status
#repquota -a (only root)
[root@server118 home]# repquota -a
*** Report for user quotas on device /dev/xvda2
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 35852 0 0 7 0 0
student -- 192 2048 4096 23 30 40
may -- 120 0 0 14 0 0
karl -- 64 0 0 8 0 0
joe -- 124 0 0 14 0 0
mary -- 64 0 0 8 0 0
jen -- 64 0 0 8 0 0
u3 -- 76 2048 4096 10 30 40
%warnquota
%當user使用超過quota寄信給user, 副本給root(manager)
%sendmail必須開啟且己設定完成, 信才會寄出去
#vi /etc/quotatab
---略---
# Example of description
/dev/loop0: This is loopback device
#/dev/hda4: Your home directory
/dev/xvda2: /home
#vi /etc/warnquota.conf
---略---
# values can be quoted:
MAIL_CMD = "/usr/sbin/sendmail -t"
FROM =
# but they don't have to be:
SUBJECT = NOTE: You are exceeding your allocated disk space limits
CC_TO = "root@server1.example.com"
# If you set this variable CC will be used only when user has less than
# specified grace time left (examples of possible times: 5 seconds, 1 minute,
# 12 hours, 5 days)
# CC_BEFORE = 2 days
SUPPORT = "root@server1.example.com"
PHONE = "(009) 995-9999"
%當user超過quota, sendmail會寄信給user(student), 提醒使用者
[student@server118 ~]$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/student": 2 messages 1 new
1 root@server1.example Sat Aug 1 00:09 22/996 "test procmail"
>N 2 root@server118.examp Sun Aug 9 14:50 27/1085 "NOTE: You are exceeding your allocated disk space limi"
From root@server118.example.com Sun Aug 9 14:50:39 2009
Date: Sun, 9 Aug 2009 14:50:38 +0800
From: root
Reply-To: root@myhost.com
Subject: NOTE: You are exceeding your allocated disk space limits
To: student@server118.example.com
Cc: root@server118.example.com
Your disk usage has exceeded the agreed limits on this server
Please delete any unnecessary files on following filesystems:
/home (/dev/xvda2)
Block limits File limits
Filesystem used soft hard grace used soft hard grace
/dev/xvda2 +- 4096 2048 4096 6days 24 30 40
root@localhost
文章標籤
全站熱搜
學習 (2)