标签:ice denied calling ica writing min 生效 host none
实验环境如下:[root@Centos7 ~]# uname -r
3.10.0-693.el7.x86_64
[root@Centos7 ~]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@Centos7 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 476M 0 part /boot
└─sda2 8:2 0 49.5G 0 part
├─centos-root 253:0 0 47.5G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sr0 11:0 1 8.1G 0 rom /mnt新增一块20G的硬盘备用
不重启,扫描硬盘文件即可生效
[root@Centos7 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 476M 0 part /boot
└─sda2 8:2 0 49.5G 0 part
├─centos-root 253:0 0 47.5G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sr0 11:0 1 8.1G 0 rom /mnt
[root@Centos7 ~]# echo "- - -" > /sys/class/scsi_host/host0/scan
[root@Centos7 ~]# echo "- - -" > /sys/class/scsi_host/host2/scan
#sdb已能呈现
[root@Centos7 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 476M 0 part /boot
└─sda2 8:2 0 49.5G 0 part
├─centos-root 253:0 0 47.5G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sdb 8:16 0 20G 0 disk
sr0 11:0 1 8.1G 0 rom /mnt创建一个2G ext4的文件系统,block为2048byte,预留1%可用空间,卷标为TEST
[root@Centos7 ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-41943039, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-41943039, default 41943039): +2G
Partition 1 of type Linux and of size 2 GiB is set
Command (m for help): p
Disk /dev/sdb: 21.5 GB, 21474836480 bytes, 41943040 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x8e780df3
Device Boot Start End Blocks Id System
/dev/sdb1 2048 4196351 2097152 83 Linux
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@Centos7 ~]# partprobe /dev/sdb
[root@Centos7 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 476M 0 part /boot
└─sda2 8:2 0 49.5G 0 part
├─centos-root 253:0 0 47.5G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sdb 8:16 0 20G 0 disk
└─sdb1 8:17 0 2G 0 part
sr0 11:0 1 8.1G 0 rom /mnt
#上面分区已划分完毕,接下来就是创建文件系统;centos7上默认的文件系统是xfs,要使用ext4的文件系统需要使用mkfs.ext4命令
[root@Centos7 ~]# mkfs.ext4 --help
mkfs.ext4: invalid option -- ‘-‘
Usage: mkfs.ext4 [-c|-l filename] [-b block-size] [-C cluster-size]
[-i bytes-per-inode] [-I inode-size] [-J journal-options]
[-G flex-group-size] [-N number-of-inodes]
[-m reserved-blocks-percentage] [-o creator-os]
[-g blocks-per-group] [-L volume-label] [-M last-mounted-directory]
[-O feature[,...]] [-r fs-revision] [-E extended-option[,...]]
[-t fs-type] [-T usage-type ] [-U UUID] [-jnqvDFKSV] device [blocks-count]
#创建block为2048byte,预留1%的可用空间,卷标为TEST
[root@Centos7 ~]# mkfs.ext4 -b 2048 -m 1 -L TEST /dev/sdb1
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=TEST
OS type: Linux
Block size=2048 (log=1)
Fragment size=2048 (log=1)
Stride=0 blocks, Stripe width=0 blocks
131072 inodes, 1048576 blocks
10485 blocks (1.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=269484032
64 block groups
16384 blocks per group, 16384 fragments per group
2048 inodes per group
Superblock backups stored on blocks:
16384, 49152, 81920, 114688, 147456, 409600, 442368, 802816
Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
[root@Centos7 ~]# dumpe2fs -h /dev/sdb1
dumpe2fs 1.42.9 (28-Dec-2013)
Filesystem volume name: TEST
Last mounted on: <not available>
Filesystem UUID: 377ab43e-76bc-40fe-ac59-2c03d44ce581
Filesystem magic number: 0xEF53
Filesystem revision #: 1 (dynamic)
Filesystem features: has_journal ext_attr resize_inode dir_index filetype extent 64bit flex_bg sparse_super huge_file uninit_bg dir_nlink extra_isize
Filesystem flags: signed_directory_hash
Default mount options: user_xattr acl
Filesystem state: clean
Errors behavior: Continue
Filesystem OS type: Linux
Inode count: 131072
Block count: 1048576
Reserved block count: 10485
Free blocks: 994651
Free inodes: 131061
First block: 0
Block size: 2048
Fragment size: 2048
Group descriptor size: 64
Reserved GDT blocks: 512
Blocks per group: 16384
Fragments per group: 16384
Inodes per group: 2048
Inode blocks per group: 256
Flex block group size: 16
Filesystem created: Thu Jul 16 22:57:42 2020
Last mount time: n/a
Last write time: Thu Jul 16 22:57:42 2020
Mount count: 0
Maximum mount count: -1
Last checked: Thu Jul 16 22:57:42 2020
Check interval: 0 (<none>)
Lifetime writes: 65 MB
Reserved blocks uid: 0 (user root)
Reserved blocks gid: 0 (group root)
First inode: 11
Inode size: 256
Required extra isize: 28
Desired extra isize: 28
Journal inode: 8
Default directory hash: half_md4
Directory Hash Seed: c5943ee0-1151-41a1-963f-82903f4e8c92
Journal backup: inode blocks
Journal features: (none)
Journal size: 64M
Journal length: 32768
Journal sequence: 0x00000001
Journal start: 0
[root@Centos7 ~]# blkid | grep /dev/sdb1
/dev/sdb1: LABEL="TEST" UUID="377ab43e-76bc-40fe-ac59-2c03d44ce581" TYPE="ext4"创建挂载目录/test,并设定开机自动挂载,且默认有acl挂载选项
#创建挂载点
[root@Centos7 ~]# mkdir /test
#查看/dev/sdb1的UUID,严谨的开机自动挂载,需要写入的是UUID,而非设备名
[root@Centos7 ~]# blkid | grep /dev/sdb1
/dev/sdb1: LABEL="TEST" UUID="377ab43e-76bc-40fe-ac59-2c03d44ce581" TYPE="ext4"
#写入/etc/fstab,挂载选项直接写defaults即可,里面就包含有acl的功能,之后会有验证
[root@Centos7 ~]# vim /etc/fstab
[root@Centos7 ~]# tail -1 /etc/fstab
UUID=377ab43e-76bc-40fe-ac59-2c03d44ce581 /test ext4 defaults 0 0
[root@Centos7 ~]# df -Th /test
Filesystem Type Size Used Avail Use% Mounted on
/dev/sdb1 ext4 2.0G 9.1M 1.9G 1% /test
#验证defaluts挂载选项是否具有acl功能
#在挂载目录里/test里创建一个目录,使其只有root用户能够访问(700权限)
[root@Centos7 ~]# cd /test
[root@Centos7 test]# mkdir acldir
[root@Centos7 test]# chmod 700 acldir/
[root@Centos7 test]# echo hello > acldir/file
[root@Centos7 test]# cat acldir/file
hello
#切换本机用户kyle,验证是否能访问/test/acldir
[root@Centos7 test]# getent passwd kyle
kyle:x:1000:1000:kyle:/home/kyle:/bin/bash
[root@Centos7 test]# su - kyle
Last login: Tue May 12 22:12:11 CST 2020 on :0
[kyle@Centos7 ~]$ cd /test/acldir/
-bash: cd: /test/acldir/: Permission denied
[kyle@Centos7 ~]$ exit
logout
#kyle本机普通用户是无法访问/test/acldir目录,所以得设置acl,使其能够访问
[root@Centos7 test]# setfacl -m u:kyle:rwx /test/acldir/
[root@Centos7 test]# getfacl /test/acldir/
getfacl: Removing leading ‘/‘ from absolute path names
# file: test/acldir/
# owner: root
# group: root
user::rwx
user:kyle:rwx
group::---
mask::rwx
other::---
#验证kyle能否访问/test/acldir
[root@Centos7 test]# su - kyle
Last login: Thu Jul 16 23:20:27 CST 2020 on pts/1
[kyle@Centos7 ~]$ cd /test/acldir/
[kyle@Centos7 acldir]$ ls
file
[kyle@Centos7 acldir]$ rm file
rm: remove write-protected regular file ‘file’? y
[kyle@Centos7 acldir]$ ls
[kyle@Centos7 acldir]$ exit
logout
#实验证明defaluts选项具有acl功能验证预留1%的空间
[root@Centos7 test]# rm -rf *
[root@Centos7 test]# cd
[root@Centos7 ~]# df -Th /test
Filesystem Type Size Used Avail Use% Mounted on
/dev/sdb1 ext4 2.0G 9.1M 1.9G 1% /test
#20G的空间,99%就是2027.52M,所以通过dd命令创建一个2030M的大文件,那么磁盘就会显示100%
[root@Centos7 ~]# dd if=/dev/zero of=/test/bigfile bs=1M count=2030
dd: error writing ‘/test/bigfile’: No space left on device
1935+0 records in
1934+0 records out
2028670976 bytes (2.0 GB) copied, 3.15534 s, 643 MB/s
[root@Centos7 ~]# df -Th /test
Filesystem Type Size Used Avail Use% Mounted on
/dev/sdb1 ext4 2.0G 1.9G 0 100% /test
#显示被使用100%,已使用1.9G,总共大小2G,至此,是否还能写入数据了?再创建一个20M的bigfile1文件
[root@Centos7 ~]# dd if=/dev/zero of=/test/bigfile1 bs=1M count=20
dd: error writing ‘/test/bigfile1’: No space left on device
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.000528249 s, 0.0 kB/s
#上述显示已满,无法写入
标签:ice denied calling ica writing min 生效 host none
原文地址:https://blog.51cto.com/14812296/2511150
