Re: Limit dir write by storage size
On Wed, Jan 12, 2022 at 02:03:45AM +0800, Yamadaえりな wrote:
> For a debian based system, how can I setup that, if a dir has total storage
> size reached to the max, it won’t be writable anymore?
That sounds tricky. It depends on your exact needs, and the exact "threat"
you're protecting against.
My initial thought, if you don't have too many of these "directories", is
to make each of them a separate file system, and mount it. The file
system can be created with the size you want, and then when that file
system is full, nothing more can be written to it.
Using LVM would be my preference if you go this way. It allows the
creation of lots of file systems "on the fly". Using real partitions
might also work in theory, but it would be my second choice, by far.
If you don't want a file system per directory, e.g. if you've got a
*whole* lot of these directories, or if you need them to be create-able
without root being involved, then maybe you can cobble something
together to restrict permissions after the fact. E.g. a cron job that
runs every 5 minutes (or whatever), looks at the directories that are
still writable (ignoring the ones that aren't), and if any one of them
is over its size limit, change the permissions on it, and on all the
files inside it.
Of course, there are obvious flaws with that approach. A lot of data
could be written in those 5 minutes, and could put a directory *way* over
the limit you intended. And if a file is already opened for writing
inside one of the directories, changing the permissions won't stop the
process from continuing to write to that open file. It only stops new
files being created, or subsequent file opens.
Reply to: