|
Grex > Oldcoop > #62: Disk Quotas on the New Grex Machine | |
|
| Author |
Message |
| 25 new of 73 responses total. |
gelinas
|
|
response 25 of 73:
| 
Dec 30 21:28 UTC 2003 |
Which is conjecture, Dan? That a faster CPU and more disk space won't
improve network bandwidth? Or that the effect of allowing graphics files
on grex will be a worse experience for interactive users?
Either way, I've started a new item, #63, for the discussion of grex's
policy on multi-media files.
|
naftee
|
|
response 26 of 73:
|
Dec 30 22:08 UTC 2003 |
gelinas, you messed me up now :-0
|
cross
|
|
response 27 of 73:
|
Dec 31 00:56 UTC 2003 |
Regarding #25; The conjecture is that grex's network bandwidth is
at the point of being exhausted.
|
gelinas
|
|
response 28 of 73:
|
Dec 31 01:02 UTC 2003 |
The bandwidth does not have to be at the point of exhausation for the
additional network load of graphic files to be noticible.
But let's take it to the next item. ;)
|
bhoward
|
|
response 29 of 73:
|
Dec 31 02:13 UTC 2003 |
These numbers seem as fine as any to start with, Joe. I would like
to keep an open mind about raising the numbers if we find folks are
bumping into the limits too often in legitimate uses of the system.
|
gelinas
|
|
response 30 of 73:
|
Dec 31 04:04 UTC 2003 |
Daniel Gryniewicz commented on this subject in e-mail:
The problem with 2, or 3, or 5, is that you can download and
build eggbot in that much space...
|
ryan
|
|
response 31 of 73:
|
Dec 31 04:59 UTC 2003 |
This response has been erased.
|
gelinas
|
|
response 32 of 73:
|
Dec 31 05:00 UTC 2003 |
Is that supposed to be 2 and 3 MB, Ryan?
|
ryan
|
|
response 33 of 73:
|
Dec 31 05:00 UTC 2003 |
This response has been erased.
|
ryan
|
|
response 34 of 73:
|
Dec 31 05:01 UTC 2003 |
This response has been erased.
|
gelinas
|
|
response 35 of 73:
|
Dec 31 05:07 UTC 2003 |
Timing. ;)
|
jp2
|
|
response 36 of 73:
|
Dec 31 13:12 UTC 2003 |
This response has been erased.
|
other
|
|
response 37 of 73:
|
Dec 31 15:27 UTC 2003 |
Jamie, I thought EVERYTHING you posted was ACSII PORN.
|
jp2
|
|
response 38 of 73:
|
Dec 31 16:13 UTC 2003 |
This response has been erased.
|
naftee
|
|
response 39 of 73:
|
Dec 31 17:49 UTC 2003 |
re 37 Actually, that's twinkie.
|
malymi
|
|
response 40 of 73:
|
Jan 7 10:23 UTC 2004 |
quotas and e-mail need special consideration. without quotas on the
mail spool abusers will just e-mail themselves things, perhaps even work
within the spool if it's user writable (i forget if obsd uses a mode
1777 spool). but if the spool has a quota then there is a way for a
user's quota to be exceeded which is not interactive and thus invisible
to the user, and in fact happens as a result of forces typically outside
their control, i.e., spam, worms and abusive action can disable e-mail
reception -- staff could not even deliver a warning without an enhanced
remote access mechanism or some fancy footwork quota-wise.
as it happens i favor having quotas over not having them, but you need
sufficient status visibility in all reading modes. unfortunately such
visibility is not available by default in popular and free tools, thus
would require some custom patches or spending money. these days spam/
worm containment with a much higher (perhaps shared) quota is also
necessary, but again care is required otherwise abusers will try to
store things in the quarantine.
|
gelinas
|
|
response 41 of 73:
|
Jan 24 04:26 UTC 2004 |
Another question has come up: Should we put a limit on the number of
files a user can create? If so, what should it be set to?
|
keesan
|
|
response 42 of 73:
|
Jan 24 15:03 UTC 2004 |
Can you put a limit on the number of new items a user can create in one day,
for instance 3 or 5? I don't see why you need to limit the number of files
if you are limiting disk usage already.
|
ryan
|
|
response 43 of 73:
|
Jan 24 16:37 UTC 2004 |
This response has been erased.
|
remmers
|
|
response 44 of 73:
|
Jan 24 17:23 UTC 2004 |
Ryan is correct - under Unix, each disk partition has a set maximum
number of files, equal to the number of slots in the "inode table".
So a possible denial-of-service attack would be for a user to fill
up the inode table. Then no other user on that disk partition
could create new files, even if there were plenty of free space
on the disk.
So it sounds like we should set a maximum number of files per user.
I'm assuming the quota system lets us do that. On NextGrex as
currently configured, the user partitions /a and /c combined have
over 5 million inodes, so even being generous and assuming that
we grow to 20000 users with an average of 50 legitimate files
apiece, that would take up less than 20% of the inode space.
So the limit could be pretty generous and still avoid a problem.
If we set the maximum at, say, 5000, a twit would have to create
a few hundred accounts to run the system out of inodes. That's
a pretty good deterrent, and even if they persisted and tried,
the activity would be noticed and stopped long before the
limit was reached.
|
gelinas
|
|
response 45 of 73:
|
Jan 24 17:47 UTC 2004 |
The few places I've seen quotas, the file limit was 1,000. Would that
be a reasonable place to start, bumping it up later if necessary?
|
keesan
|
|
response 46 of 73:
|
Jan 24 20:29 UTC 2004 |
I think I have between 50 and 100 files which I thought was a lot.
2M disk space and 1000 files would be 2K average per file - do people have
that many small files?
|
ryan
|
|
response 47 of 73:
|
Jan 24 20:42 UTC 2004 |
This response has been erased.
|
styles
|
|
response 48 of 73:
|
Jan 25 02:59 UTC 2004 |
compilations can create a "lot" of files, but any compilation that would
create that many files would surely hit a 2MB limit before an inode limit.
someone might have a one-file-per-entry type of webboard, which could create
lots of small "ROTFL!!!" and "LOL OMG WOT U SAY?" response files. there's
probably a few other practical-ish cases where this would happen, but not that
many.
|
bhoward
|
|
response 49 of 73:
|
Jan 25 03:21 UTC 2004 |
I support the higher limit proposed by remmers.
|