Hi, I'm having trouble getting website quota to work in my OpenVZ Containers. I already know that I don't have to configure it in the Containers, but on the Host. I also read that the current version pure-ftpd-mysql sould be able to handle quota inside containers even if quota is not enabled on the host. However, in all of my OpenVZ Containers, the quota just doesn't apply. I set the limit to 10 MB in ISPConfig (both website and ftp-user), and I uploaded 60MB without any error message. This is what I did on the Host: installed vzquota Enabled 2nd level quota for container Didnt work on running: So I stopped, and tried again: But got warning on startup (don't know if that's a problem..) But even after enabling quota like this on the host, quota doesn't apply in the container. Any Idea what the problem could be? Here's some additional Data: Host System: lsbdistdescription => Debian GNU/Linux 7.4 (wheezy) kernelrelease => 2.6.32-openvz-042stab084.14-amd64 Container: lsbdistdescription => Ubuntu 14.04.1 LTS kernelrelease => 2.6.32-openvz-042stab084.14-amd64 /etc/vz/conf/235.conf: Code: ONBOOT="yes" NAMESERVER="213.133.98.98 213.133.99.99" CPUUNITS="1000" CPUS="2" CPULIMIT="50" PHYSPAGES="0:256000" SWAPPAGES="0:256000" DISKSPACE="10240000:10240000" QUOTATIME="0" KMEMSIZE="unlimited" LOCKEDPAGES="unlimited" SHMPAGES="unlimited" NUMPROC="unlimited" VMGUARPAGES="unlimited" OOMGUARPAGES="unlimited" NUMTCPSOCK="unlimited" NUMFLOCK="unlimited" NUMPTY="unlimited" NUMSIGINFO="unlimited" TCPSNDBUF="unlimited" TCPRCVBUF="unlimited" OTHERSOCKBUF="unlimited" DGRAMRCVBUF="unlimited" NUMOTHERSOCK="unlimited" DCACHESIZE="unlimited" NUMFILE="unlimited" AVNUMPROC="unlimited" NUMIPTENT="unlimited" DISKINODES="200000000:220000000" VE_ROOT="/var/lib/vz/root/$VEID" VE_PRIVATE="/var/lib/vz/private/$VEID" OSTEMPLATE="ubuntu-12.04-x86_64" ORIGIN_SAMPLE="www-db-8g-500g" HOSTNAME="testvserver.keplerlabs.at" IP_ADDRESS="148.251.33.235" PRIVVMPAGES="unlimited" QUOTAUGIDLIMIT="100" CAPABILITY="CHOWN:on DAC_READ_SEARCH:on SETGID:on SETUID:on NET_BIND_SERVICE:on NET_ADMIN:on SYS_CHROOT:on SYS_NICE:on FS_MASK:on" /etc/vz/vz.conf: Code: root@vmhost3:/home/leonhard# vi /etc/vz/vz.conf ## Global parameters VIRTUOZZO=yes LOCKDIR=/var/lib/vz/lock DUMPDIR=/var/lib/vz/dump VE0CPUUNITS=1000 VE_STOP_MODE=suspend ## Logging parameters LOGGING=yes LOGFILE=/var/log/vzctl.log LOG_LEVEL=0 VERBOSE=0 ## Disk quota parameters DISK_QUOTA=yes VZFASTBOOT=no # Disable module loading. If set, vz initscript does not load any modules. #MODULES_DISABLED=yes # The name of the device whose IP address will be used as source IP for CT. # By default automatically assigned. #VE_ROUTE_SRC_DEV="eth0" # Uncomment to limit CT IP ARP announces only to network interfaces # having IPs within the same IP network as a container IP. # Leave commented out to use all interfaces. NEIGHBOUR_DEVS=all ## Fail if there is another machine in the network with the same IP ERROR_ON_ARPFAIL="no" ## Template parameters TEMPLATE=/var/lib/vz/template ## Defaults for containers VE_ROOT=/var/lib/vz/root/$VEID VE_PRIVATE=/var/lib/vz/private/$VEID CONFIGFILE="vswap-256m" DEF_OSTEMPLATE="debian-7.0-x86" NAMESERVER=inherit # Copy from host system's /etc/resolv.conf ## Filesystem layout for new CTs: either simfs (default) or ploop #VE_LAYOUT=ploop # User namespace configuration LOCAL_UID=100000 LOCAL_GID=100000 ## Load vzwdog module VZWDOG="no" ## IPv4 iptables kernel modules to be enabled in CTs by default #IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length" IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state" ## IPv4 iptables kernel modules to be loaded by init.d/vz script IPTABLES_MODULES="$IPTABLES" ## Enable IPv6 IPV6="yes" ## IPv6 ip6tables kernel modules IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT" SKIP_SYSCTL_SETUP=yes
This is the output of repquota -avg. I see that the client1 has a blocklimit of 0. Client1 is the owner of the website where I'm testing quota. Does that mean the ISPConfig quotas don't apply?
Sorry, I posted you a wrong command. client0 is the group, but ispconfig puts the quotas on the website user (web1, web2 etc). Try this one to get the user quotas: repquota -avu
Ok, thanks to the repquota -avu command I saw that the quota for the user was not actually set. I delted the web, and created it new, and set the quota new, and now it is set, and works. Also, the "vzctl set 235 --quotaugidlimit 1000 --save" command was important. I checked how many quotafiles I had approximately by adding "cat /etc/passwd | wc -l" and "cat /etc/group | wc -l" and found out that that was more than my setting (300) so no new quotas could be set. After setting the quotaugidlimit to 1000 I used the ISPConfig Rsync tool on all websites, and all quotas were set correctly. Thanks for your help till!
