Language Selection

English French German Italian Portuguese Spanish

Custom scripting gives users a safe-du

Filed under

My company has a Linux cluster with a terabyte of attached storage. Over time we noticed the head node was becoming more overloaded. Inspection of the system showed that users were starting dozens of copies of the du utility to determine disk space usage. This was a natural thing for them to do, because they had a need to know how much disk space was available. A lack of disk space would cause their software builds and tests to fail. The problem was that it takes five to seven hours for a du of the entire shared filesystem. Thus, when the filesystem was nearly full (as it of course usually was), the number of du processes would increase almost exponentially.

To address this problem, we first set up automated nightly disk space reports, so that users could check the status without running du. This still did not solve the problem, as the amount of used space could fluctuate dramatically over the course of 24 hours. Users still wanted and needed to run their own du processes throughout the workday.

While adding more disk space would have solved the problem, we are using a large disk array that is already filled to maximum capacity. In general, users tend to fill up all available disk space anyway, no matter how much you give them.

We then developed a policy: users could run du on any directory they owned. In addition, user du processes would be allowed to run for a maximum of one hour of wall time. Users in the wheel group would be exempt from these restrictions.

I was given the task of developing a tool to implement this policy. Some sort of wrapper around the existing du seemed like an obvious choice: the script could validate the input, abort if an invalid path was given, and terminate the du process if it ran too long.

I wrote a basic bash script in perhaps an hour's time. Then I thought about how to run it, and that is where I ran into trouble. I had thought that I would make the script set user id (setuid) or set group id (setgid) root, i.e. when run by any user it would actually run in the root group. Then, I could change the permissions on the real du so that only root could run it. The result would be that normal users could only access the real du through the wrapper script.

Of course that would make a pretty boring article, and in reality it didn't turn out to be that simple:

Full Story.

More in Tux Machines

Yocto driven camera design taps octa-core Snapdragon

Qualcomm and Thundercomm unveiled a Linux-supported, 4K camera reference design with an octa-core Snapdragon 625 and video analytics software. Qualcomm and hardware partner Thundercomm Technology announced an IP Connected Camera reference design called the Snapdragon 625 IP Camera built around its 14nm-fabricated, octa-core Cortex-A53 Snapdragon 625 system-on-chip. This is Qualcomm’s first Connected Camera design to support Linux instead of Android. Read more

Renesas spins 3rd Gen automotive starter kits, adds new M3 SoC

Renesas has launched two Linux-ready R-Car starter kits optimized for AGL and GENIVI: an R-Car H3 based “Premier” and a “Pro” with a lower-end M3 SoC. Later this month, Renesas will begin selling two third-generation starter kits for its 64-bit ARM-based R-Car automotive SoCs. The kits are designed for ADAS, infotainment, reconfigurable digital clusters, and integrated digital cockpits. The two kits are optimized for open source Linux standards like Automotive Grade Linux (AGL) and GENIVI, but they also support QNX. Earlier R-Car automotive starter kits include last year’s R-Car H2 ADAS Starter Kit, based on its earlier H2 automotive SoC. Read more

Lumina Desktop 1.1 Released

The BSD-focused, Qt-powered Lumina Desktop Environment is out with its version 1.1 update. The developers behind the Lumina Desktop Environment consider it a "significant update" with both new and reworked utilities, infrastructure improvements, and other enhancements. Lumina 1.1 adds a pure Qt5 calculator, text editor improvements, the file manager has been completely overhauled, system application list management is much improved, and there is a range of other improvements. Read more

Radeon vs. Nouveau Open-Source Drivers On Mesa Git + Linux 4.9

For your viewing pleasure this Friday are some open-source AMD vs. NVIDIA numbers when using the latest open-source code on each side. Linux 4.9-rc1 was used while Ubuntu 16.10 paired with the Padoka PPA led to Mesa Git as of earlier this week plus LLVM 4.0 SVN. As covered recently, there are no Nouveau driver changes for Linux 4.9 while we had hoped the boost patches would land. Thus the re-clocking is still quite poor for this open-source NVIDIA driver stack. For the Nouveau tests I manually re-clocked each graphics card to the highest performance state (0f) after first re-clocking the cards to the 0a performance state for helping some of the GPUs that otherwise fail with memory re-clocking at 0f, as Nouveau developers have expressed this is the preferred approach for testing. Read more