[OpenAFS-devel] Some tests and questions about fs setquota

Jason Edgecombe jason@rampaginggeek.com
Sun, 23 Nov 2008 16:17:46 -0500


I admit that we have had a few cases where exiting users give a buddy 
admin rights on their volume before leaving. We had one case where the 
buddy begged us to recover files from the original user's account, but 
we could not legally do that.

Is there some way to flip a bit and disable all writes on a R/W volume? 
Clobbering the ACL's on the volume would do this, but undoing that would 
not be trivial for users who leave and return.

If we want to allow a negative quota to disable all writes, then I 
propose that we only allow -1. Then again, 1 is almost as effective 
assuming that the volume has a few files in it.

Jason

Jeffrey Altman wrote:
> Having read the code, negative quota values should not be sent
> by the client and should not be accepted by the server UNLESS
> the intention is to force the volume to always be over quota.
>
> Now the question is:  is this a technique that administrators
> are taking advantage of?  If so, we should probably create a
> real interface to do this as opposed to accepting negative
> values.
>
> Jeffrey Altman
>
>
> Jason Edgecombe wrote:
>   
>> Hi everyone,
>>
>> I have a test framework written in perl along with 4 tests files which
>> include many tests.
>>
>> Now what do I do with them?
>>
>> For now, I have a git repo available at:
>> /afs/dementia.org/home/edgester/git
>>
>> In my testing, I found some interesting quirks:
>> 1. fs setq honors negative quota as parameters except -1. fs lq confirms
>> the negative quota. My tests assume negative quotas are correct.
>> 2. fs setq allows for values larger than valid to be set and cause an
>> overflow.
>>
>> Should the quota be fixed to abort if a negative quota is specified?
>> Should I modify the tests to fail if a negative quota is found?
>>