summaryrefslogtreecommitdiffstats
path: root/modules/pam_setquota/README
blob: fd00da7d3761e2ad72659896f7fd93ea6f546160 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
pam_setquota — PAM module to set or modify disk quotas on session start

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

DESCRIPTION

pam_setquota is a PAM module to set or modify a disk quota at session start

This makes quotas usable with central user databases, such as MySQL or LDAP.

OPTIONS

fs=/home

    The device file or mountpoint the policy applies to. Defaults to the
    filesystem containing the users home directory.

overwrite=0

    Overwrite an existing quota. Note: Enabling this will remove the ability
    for the admin to manually configure different quotas for users for a
    filesystem with edquota(8). (Defaults to 0)

debug=0

    Enable debugging. A value of 1 outputs the old and new quota on a device. A
    value of 2 also prints out the matched and found filesystems should fs be
    unset. (Defaults to 0)

startuid=1000

    Describe the start of the UID range the policy is applied to. (Defaults to
    UID_MIN from login.defs or the uidmin value defined at compile-time if
    UID_MIN is undefined.)

enduid=0

    Describe the end of the UID range the policy is applied to. Setting enduid=
    0 results in an open-ended UID range (i.e. all uids greater than startuid
    are included). (Defaults to 0)

bsoftlimit=19000

    Soft limit for disk quota blocks, as defined by quotactl(2). Note:
    bsoftlimit and bhardlimit must be set at the same time!

bhardlimit=20000

    Hard limit for disk quota blocks, as defined by quotactl(2). Note:
    bsoftlimit and bhardlimit must be set at the same time!

isoftlimit=3000

    Soft limit for inodes, as defined by quotactl(2). Note: isoftlimit and
    ihardlimit must be set at the same time!

ihardlimit=4000

    Hard limit for inodes, as defined by quotactl(2). Note: isoftlimit and
    ihardlimit must be set at the same time!

EXAMPLES

A single invocation of `pam_setquota` applies a specific policy to a UID range.
Applying different policies to specific UID ranges is done by invoking
pam_setquota more than once. The last matching entry defines the resulting
quota.

      session  required   pam_setquota.so bsoftlimit=1000 bhardlimit=2000 isoftlimit=1000 ihardlimit=2000 startuid=1000 enduid=0 fs=/home
      session  required   pam_setquota.so bsoftlimit=19000 bhardlimit=20000 isoftlimit=3000 ihardlimit=4000 startuid=2001 enduid=3000 fs=/dev/sda1
      session  required   pam_setquota.so bsoftlimit=19000 bhardlimit=20000 isoftlimit=3000 ihardlimit=4000 startuid=3001 enduid=4000 fs=/dev/sda1 overwrite=1


AUTHOR

pam_setquota was originally written by Ruslan Savchenko <savrus@mexmat.net>.

Further modifications were made by Shane Tzen <shane@ict.usc.edu>, Sven Hartge
<sven@svenhartge.de> and Keller Fuchs <kellerfuchs@hashbang.sh>.