Security of Linux’s network – quota and limitation
First Part: Quota
Linux’s quota is used to configure the user’s harddisk spaces in order to prevent few users occupy nearly the most of resources.we could configure the quota by following steps:
1.Add “usrquota” to the fourth table position of “/etc/fstab”,for example:
/etc/hda7 /home ext2 default, usrquota,1,2
2.Create two files in the identified partition:
# touch /home/quota.user # touch /home/quota.group
and then grant the privileges:
# chmod 600 /home/quota.user # chmod 600 /home/quota.group
3.reboot the system
4.Issue the following command to configure quota for identified user:
# edquota -u username
Second Part: Limitation
Hard limitation: user can not overflow the specified limitation
Soft limitation: when spaces used reach the specified limitation,system will display a worning message.
# ulimit # ulimit -a (list all limitation parameters which including cpu time and counts of files opened.)
There are two ways to configure the limitation:
1.Add “ulimit” lines to /etc/profile
2.Modify the /etc/security/limits.conf.It is very important.When I installed Oracle 10g in Red Hat,this file always was modified by adding hard and soft limitation for nproc.The formation of /etc/security/limits.conf is listed here:
domain type item value
domain: this parameter startes with “@” first and contains username and group name.if “*” is used,it means all the users and groups.
type: this parameter indicates whether the limitation is hard or soft.
item: this parameter indicates which resouce will be limited.
value:this parameter indicates the setting value.