AD Samba File Server – Set Quota When User Connects for the First Time

active-directory linux pam samba

I am trying to set quota on some directories when the user connects for the first time to the Samba box (that runs on Rocky Linux 8). So, before being able to use the Samba share, the user has to connect to the machine (console or SSH, doesn't matter). While doing that, there's a script run by pam_exec.so that creates a bunch of folders, sets permissions and creates files.
I tried to use the "setquota" command in that file without any success. I have correctly set the flags in the fstab file as the standalone command "setquota" works correctly when launched from the root session.

So I then tried the pam_setquota.so module, as it would do the same anyway.
Nope, same result. I guess both really don't like that the user is in Active Directory user format. The user format is DOMAIN\User (and it usually needs to be DOMAIN\\User). Samba maps the user to a UID starting from 10000.
I tried to change the format of the user (different flavours of \\) but nothing works, except if I run the command from the root shell, it reports correct results.

snippet from the pam_exec run script

if [[ "${PAM_USER}" == *\\* ]];then
    folder="/data/${PAM_USER}"
    if [ ! -d "$folder" ]; then
        mkdir "$folder"
        chmod 555 "$folder"
         .
         .
         .  
        quota_user="${PAM_USER//\\/\\\\}"
        setquota -u ${quota_user} 0 10485760 0 0 /data
         .
         .
         .
    fi

fi

pam_setquota line
session optional pam_setquota.so fs=/data overwrite=1 startuid=10000 enduid=0 bsoftlimit=0 bhardlimit=10485760 isoftlimit=0 ihardlimit=0

If I run setquota -u DOMAIN\\User 0 10485760 0 0 /data and repquota /data, it shows me:

[image: repquota result]

and since it is the first connected user, it takes UID #10000

What am I missing here?
Thank you very much.

Best Answer

Turns out that setquota doesn't mean anything at that stage, so you have to use the complete path to call it (/usr/sbin/setquota).

Also, as expected, it doesn't like the Samba name, which can be fixed by using:

# Resolve the numeric UID first; setquota is given the UID, not the DOMAIN\User name
quota_user=$(id -u "${PAM_USER}")
/usr/sbin/setquota -u "${quota_user}" 0 10485760 0 0 /data
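
A fuller version of the fix above, as an added example that is not part of the original answer: it validates PAM_USER before the name is used in a path, resolves the UID with id -u, and refuses UIDs below the Samba mapping start of 10000 mentioned in the question. The function names, return codes and allowed character set are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. pam_exec exports PAM_USER and
# gives the script no useful PATH, so every binary is called by full path.
ID_BIN=/usr/bin/id
SETQUOTA_BIN=/usr/sbin/setquota
QUOTA_FS="/data"           # quota-enabled filesystem from the post
BLOCK_HARD_KB=10485760     # block hard limit from the post
MIN_UID=10000              # first Samba-mapped UID, per the post

# Accept only DOMAIN\User. The allowed character set is an assumption;
# the point is to reject "/" and other surprises before the name is
# used to build a path such as /data/$PAM_USER.
valid_pam_user() {
    case "$1" in
        *\\*) ;;               # must contain the domain separator
        *) return 1 ;;
    esac
    _domain=${1%%\\*}
    _name=${1#*\\}
    case "$_domain" in ""|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case "$_name" in ""|*[!A-Za-z0-9._-]*) return 1 ;; esac
    return 0
}

# Print the numeric UID for a name, or fail if it does not resolve or
# falls outside the Samba-mapped range (so root and local accounts
# never receive this quota).
resolve_quota_uid() {
    _uid=$("$ID_BIN" -u -- "$1" 2>/dev/null) || return 1
    case "$_uid" in ""|*[!0-9]*) return 1 ;; esac
    [ "$_uid" -ge "$MIN_UID" ] || return 1
    printf '%s\n' "$_uid"
}

# Returns 2 for a rejected name, 3 when no mapped UID resolves,
# otherwise the exit status of setquota.
apply_first_login_quota() {
    valid_pam_user "$1" || return 2
    _quota_uid=$(resolve_quota_uid "$1") || return 3
    "$SETQUOTA_BIN" -u "$_quota_uid" 0 "$BLOCK_HARD_KB" 0 0 "$QUOTA_FS"
}

# Entry point when invoked by pam_exec.
if [ -n "${PAM_USER:-}" ]; then
    apply_first_login_quota "$PAM_USER" || exit $?
fi
```
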
