Friday, 16 June 2017

FTP server configuration with users and disk quotas in Linux


Install FTP server :

#yum install vsftp*
#service vsftpd restart
#chkconfig vsftpd on

Edit Configuration file :

/etc/vsftpd/vsftpd.conf

anonymous_enable=NO
write_enable=YES
local_enable=YES


Create partition and enable the disk quotas :


Create the directory 
#mkdir  /usr/loop_device

You can create the directory anywhere, based on your requirement

Create the file for storage based on your requirement. We will create a file of 50MB

#dd if=/dev/zero of=/usr/loop_device/ld1 bs=1024 count=50000

Create the filesystem
#mkfs.ext4 /usr/loop_device/ld1

Create the directory for FTP users

#mkdir /home_ftp

Mount the disk file on the respective path. Add the line below to /etc/fstab for permanent mounting

#vi  /etc/fstab

/usr/loop_device/ld1  /home_ftp  ext4   rw,loop,usrquota,grpquota   0 0

Mount or remount the partition
#mount  -a
#mount -o remount /home_ftp  (for remount)


Enable or create the disk quotas :

#quotacheck    -cugv  /home_ftp

quotacheck syntax :-

quotacheck [-gucbfinvdmMR] [-F <quota-format>] filesystem|-a

-u, --user                check user files
-g, --group               check group files
-c, --create-files        create new quota files
-b, --backup              create backups of old quota files
-f, --force               force check even if quotas are enabled
-i, --interactive         interactive mode
-n, --use-first-dquot     use the first copy of duplicated structure
-v, --verbose             print more information
-d, --debug               print even more messages
-m, --no-remount          do not remount filesystem read-only
-M, --try-remount         try remounting filesystem read-only,
                          continue even if it fails
-R, --exclude-root        exclude root when checking all filesystems
-F, --format=formatname   check quota files of specific format
-a, --all                 check all filesystems
-h, --help                display this message and exit
-V, --version             display version information and exit

After the quota files are created, run the command below to generate the table of current disk usage for file systems with quotas enabled.

#quotacheck   -augv


-a  Check all quota-enabled, locally-mounted file systems
-v  Display verbose status information as the quota check proceeds
-u  Check user disk quota information
-g  Check group disk quota information

After the above steps are completed, turn on quotas on the /home_ftp partition
#quotaon /home_ftp
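
A pre-flight check for the fstab entry used above, as an added example that is not part of the original post: quotacheck and quotaon only work when the mount point is spelled correctly and carries the usrquota and grpquota options. The function name check_quota_mount and the second sample entry (/home_ftp2, ld2) are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the fstab entry before running quotacheck/quotaon.

# Prints one line per problem found for mount point $2 in fstab-format file $1;
# returns 0 only when the entry exists and carries every required option.
check_quota_mount() {
    fstab=$1
    mnt=$2
    # Skip comment lines; take the options (4th field) of the entry mounted on $mnt.
    opts=$(awk -v m="$mnt" '$1 !~ /^#/ && $2 == m { print $4; exit }' "$fstab")
    if [ -z "$opts" ]; then
        echo "no fstab entry for $mnt"
        return 1
    fi
    rc=0
    for want in loop usrquota grpquota; do
        case ",$opts," in
            *",$want,"*) ;;
            *) echo "$mnt: missing mount option $want"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample: the entry from this page plus one with grpquota left out.
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# device               mountpoint  type  options                    dump pass
/usr/loop_device/ld1   /home_ftp   ext4  rw,loop,usrquota,grpquota  0 0
/usr/loop_device/ld2   /home_ftp2  ext4  rw,loop,usrquota           0 0
EOF
    check_quota_mount "$tmp" /home_ftp && echo "/home_ftp: ok"
    check_quota_mount "$tmp" /home_ftp2 || true   # reports the missing grpquota
    check_quota_mount "$tmp" /hmoe_ftp  || true   # a mistyped mount point
    rm -f "$tmp"
}
demo
```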

Assign user and group quotas with the edquota command
[root@localhost ~]# edquota -u ftpuser

Disk quotas for user ftpuser (uid 502):
  Filesystem                   blocks       soft       hard     inodes     soft     hard
  /dev/loop0                        0        300        400          3        0        0

[root@localhost ~]# edquota -g ftpuser

Disk quotas for group ftpuser (gid 502):
  Filesystem                   blocks       soft       hard     inodes     soft     hard
  /dev/loop0                        0        300        400          3        0        0

Soft limit :-
In the above scenario, when the disk usage exceeds 300kb for ftpuser, it warns that disk usage has been exceeded.
Hard limit :-
When the disk usage reaches 400kb, we are not able to create or copy any file to that location.

Display the quota report for the user
#repquota  -as

repquota [-vugsi] [-c|C] [-t|n] [-F quotaformat] (-a | mntpoint)

-v, --verbose               display also users/groups without any usage
-u, --user                  display information about users
-g, --group                 display information about groups
-s, --human-readable        show numbers in human friendly units (MB, GB, ...)
-t, --truncate-names        truncate names to 8 characters
-p, --raw-grace             print grace time in seconds since epoch
-n, --no-names              do not translate uid/gid to name
-i, --no-autofs             avoid autofs mountpoints
-c, --batch-translation     translate big number of ids at once
-C, --no-batch-translation  translate ids one by one
-F, --format=formatname     report information for specific format
-h, --help                  display this help message and exit
-V, --version               display version information and exit
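
To turn the report into something that can be watched, here is an added example (not part of the original post) that reads repquota output and lists the accounts above their soft limit or already blocked. The sample report and the function names sample_report and quota_alerts are constructed; run repquota without -s so the block columns stay plain numbers.

```shell
#!/bin/sh
# Added example: flag accounts over their block quota from `repquota -a` output.

# Constructed sample report (not captured from a real system).
sample_report() {
cat <<'EOF'
*** Report for user quotas on device /dev/loop0
Block grace time: 00:02; Inode grace time: 00:02
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --      13       0       0              2     0     0
ftpuser   +-     350     300     400  00:01       4     0     0
ftpuser2  --     120     300     400              3     0     0
ftpuser3  +-     400     300     400   none       9     0     0
EOF
}

# Reads a repquota report on stdin and prints "user state used soft hard".
# SOFT = above the soft limit, still inside the grace period.
# HARD = writes are refused: hard limit reached, or grace expired ("none").
quota_alerts() {
    awk '
        # Data rows carry a two-character flag field such as "--" or "+-".
        $2 ~ /^[-+][-+]$/ {
            used = $3 + 0; soft = $4 + 0; hard = $5 + 0
            if (substr($2, 1, 1) != "+") next   # block usage within soft limit
            state = "SOFT"
            if ((hard > 0 && used >= hard) || $6 == "none") state = "HARD"
            print $1, state, used, soft, hard
        }
    '
}

sample_report | quota_alerts
```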

Configure the grace period for soft limit
The grace period is the time allowed above the soft limit. Once the grace period is exceeded, the soft limit becomes a hard limit

#edquota -t
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
  Filesystem             Block grace period     Inode grace period
  /dev/loop0                 2minutes               2minutes


The FTP configuration and disk quota parts are now complete. Now proceed with the FTP users section.

From the above steps, the directory for FTP users is ‘/home_ftp’. Create the users under that directory
Create the FTP user with a particular home directory and the nologin option for security

#useradd    -d   /home_ftp/ftpuser   -s  /sbin/nologin ftpuser
#passwd  ftpuser

Verify the FTP account
#ftp 10.x.x.x
Connected to 10.x.x.x).
220 (vsFTPd 2.2.2)
Name (10.x.x.x:root): ftpuser
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.

Now try to put a large file, meaning more than 300kb (as per the soft and hard limits).
ftp> put testfile-14.0.0-15.9.src.rpm
local: testfile-14.0.0-15.9.src.rpm remote: testfile-14.0.0-15.9.src.rpm
227 Entering Passive Mode (104,167,9,200,48,1).
150 Ok to send data.
451 Failure writing to local file.

For a file below 300 mb, the file transfer succeeded

ftp> put websites.txt
local: websites.txt remote: websites.txt
227 Entering Passive Mode (104,167,9,200,68,26).
150 Ok to send data.
451 Failure writing to local file.
22 bytes sent in 1.3e-05 secs (1692.31 Kbytes/sec)
ftp>
