The exam might also contain questions on encrypted storage, linux RAID and automounting of samba shares, but to me this seems so random and not at all practical, that I’ve decided to pass on that.
Hopefully the knowledge on LVM, swap and quotas is enough for the exam!
in my running vagrant box, teaches me that my new, empty disk is at /dev/sdf. Let’s prep it with fdisk:
# fdisk /dev/sdf
With ‘p’ we can find out that it has currently a DOS layout and no partitions.
Disk /dev/sdf: 1 GiB, 1073741824 bytes, 2097152 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0xff39c6ac
Simply make it GPT by pushing ‘g’. Create a new partition with ‘n’. We want to use the entire disk and can keep all the defaults presented here. Next push ‘t’ to change the type, which you should set to Linux swap. Check which number to put in with ‘L’, it varies depending on your fdisk version.
Finally don’t forget the ‘w’ to write your changes. Now that the partition is ready, you can create swap, enable it and check it:
# mkswap -L myswap /dev/sdf1
# swapon /dev/sdf1
# free -h
# cat /proc/swaps
Set it on boot by adding it to the /etc/fstab file. Use the UUID as discovered by the ‘blkid’ command above:
UUID=9af15cd8-da6b-48ec-ac55-21d2e1853b5c none swap defaults 0 0
When you have defined your swap space in the fstab file, you can also use these commands to turn swap on and off:
# swapon -a # swapoff -a
Now on to quotas. As with swap, I think I’ll have to deal with quotas more often than with creating an encrypted drive or configuring a RAID with Linux tools.
Install and enable quotas on the root filesystem:
# apt install quota # vi /etc/fstab
In the fstab, add the usrquota and grpquota options to the root filesystem entry:
UUID=1806cc24-2f59-4e29-97bf-ce6a7bfdf2d7 / ext4 defaults,usrquota,grpquota 0 0
Remount the filesystem with these options and enable quotas:
# mount -o remount / # quotacheck -cmug / # quotaon -a
If you’re on a virtual testing environment like me, the last command will throw an error. You need these additional steps before you can run the ‘quotaon’ command:
# apt install linux-image-extra-virtual # modprobe quota_v1 # modprobe quota_v2
Now mind you: the ‘quotacheck’ command will create a brand new ‘aquota.group’ and ‘aquota.user’ binary files in root. If you have existing quotas that you want to keep for some reason: back them up. These binary quota files can be edited by the edquota command, using the desired group or username:
# edquota -u vagrant # edquota -g ubuntu
Edquota without a flag will open up the user quota by default but this might get a bit annoying when a user and a group have the same name (as is often the case). That’s way I opt for always using an ‘-u’ (user) or ‘-g’ (group) flag, just to be clear.
On a side note: this will open the quota files in the default editor which often is not the editor you’d like. Change this behaviour with:
# update-alternatives --config editor
Anyway, edquota will open up the default quota config of the specified user or group:
Disk quotas for user vagrant (uid 1000): Filesystem blocks soft hard inodes soft hard /dev/sda1 44 0 0 13 0 0
The above tells is that that are 44 1k blocks in use by this user and 13 inodes. This brings us to a bit of a cumbersome part of setting quotas: you’ll have to set it in 1k blocks. Now this is awesome to calculate what you need. Let’s say we want to give a user a disk quota of 5GB. I would do it like this:
Disk quotas for user vagrant (uid 1000): Filesystem blocks soft hard inodes soft hard /dev/sda1 44 5000000 5242880 13 0 0
This will give a soft limit of 4,76837 GB and a hard limit of 5 GB. The soft limits has a grace period in which the user is over its quota, but has time to clean it up. When the grace period is over, no files can be added. This grace period can be edited with:
# edquota -t
The hard quota is exactly what it says: hard, cannot be overridden and doesn’t have a grace period. Users applications might crash because of temporary files not be able to be written to the system and what not. Be aware of this.
Regular quotachecks are probably necessary to keep things going, so create a cron doing so. DO NOT use the quotacheck command we’ve used earlier, because this will create brand new files. Your script should probably look something like this:
#!/bin/bash quotaoff -a quotacheck -mug / quotaon -a
Warnings about quotas can be configured with ‘warnquota’ and the /etc/warnquota.conf file, but I haven’t tested this myself.
Finally you can check some statistics with:
# quota -u vagrant -s # quota -g ubuntu -s # repquota -a # quotastats