Monday, March 8, 2010

FreeBSD (IV)

How to create filesystem snapshots:
# mount -u -o snapshot /root/snapshot /var
or
# makesnap_ffs /var /root/snapshot
This will create a snapshot of /var diretory into /root/snapshot file. Snapshot can be mounted like this:
# mdconfig -a -t vnode -f /root/snapshot -u 4
# mount -r /dev/md4 /mnt
# umount /mnt
# mdconfig -d -u 4
Filesystem quotas. To enable them, first, you'll have to have this in your kernel config:
options QUOTA
And this added to your rc.conf file:
enable_quotas="YES"
To disable bootup quotacheck with will largely increase boot time, you can disable it by adding this to rc.conf:
check_quotas="NO"
To enable user and group quotas on a filesystem, you should add this to your /etc/fstab:
/dev/da0s1a    /    ufs    rw,userquota,groupquota        1    1
To check if quota is enables, run this:
# quota -v
To edit a users' quota, you'll need to run this:
# edquota -u testuser
To assign the same quota settings to multiple users, you can use this:
# edquota -p testuser testuser1 testuser2 testuser3 ...
or
# edquota -p testuser 1000-1500
This will assing the same quota settings of testuser to users that UIDs are between 1000 and 1500.

Filesystem encryption, and even swap encryption for the real paranoid system admins, can be achieved using gbde (GEOM based disk encrytion) or geli. gdbe will need this added to kernel config and recompilation:
options GEOM_BDE
geli is a newer way to encrypt filesystems and it's available from FreeBSD 6.0. Good part is that is faster than gbde, and supports multiple encryption algorithms, and you'll need this added to your kernel config:
options GEOM_ELI
device crypto

No comments:

Post a Comment