[  NOTE:  You  might have to edit "diskhog" to turn the printable control
   characters in the "stty" line into their real values. --r$  ]

DISKHOG.

1.  Introduction.

          'diskhog' is a set of scripts to allow you to enforce disk quotas
       under system V.  You need to specify the blocks allowed for each. 
       user (as reported by 'du'), and run a check script every night.  Users
       who are listed in the 'allowed' file have disk quotas; those which are
       not listed have not.  

           You can also specify 'alternate' directories which are counted 
       as well as the user's home directory.  (for example, I have 
       "/usr/dave" and "~nuucp/dave").  All the files, irrespective of 
       owner, are counted in these directories, which is perhaps a little 
       unfair ... 


2.  How it works. 

            Basically, there is a file called "allowed", which  has
       a list of the number of disk blocks (as per "du") which each
       user is allowed.  The format of this file is

               <user> <allowance>

       where <user> is the user's login name,  and  <allowance>  is
       the maximum number of block they are allowed (as per "du").

            There is also  an  optional  file  called  "alternate",
       containing   additional   directories  to  be  searched  for
       particular users. This is in the form:

                        user    directory ....
                e.g.
                        dave    /usr/spool/uucppublic/dave /sys/dave

            Each night, the script "dcheck" is run  from  the  root
       crontab entry, and checks each user's allowance. If the user
       has more than the allowance, a mail message is sent  to  the
       user asking them to remove some files.

            If after a certain number of  days  the  user  has  not
       removed  enough  files, then a diskhog "tag" is created. The
       next time the user logs on, the shell notices this tag,  and
       spawns a restricted shell via the script "diskhog".

            When running via "diskhog", the user's PATH is  set  to
       "/diskhog:/usr/diskhog",   so  that  you  can  restrict  the
       commands which are available. On my system, all the commands
       in   these   directories   relate  to  removing  files,  and
       formatting floppy disks to put them on.

            When the user logs out of the restricted shell, another
       disk  check  is  performed,  and  if enough blocks have been
       removed, the login is allowed to proceed. If not,  "diskhog"
       is  run  again.  "Diskhog"  is  interrupt-proof,  but can be
       killed by a SIGHUP signal (i.e. turning off the terminal).

            In order to prevent the user from removing the  diskhog
       "tag"  file,  the tag file is placed in a directory owned by
       root, which is not writeable by anyone else. The tag file is
       removed  by  a special command "nohog", which is executed by
       "diskhog" when enough files have been removed. "Nohog"  runs
       suid  root,  and is (hopefully) immune from fraud: it always
       removes the tag of the login user.

            Obviously, you should not put "nohog" in the restricted
       PATH,  or the user would be able to remove their own diskhog
       tag!

            All you need to run disk quotas is:

         1.  An "allowed" file, containing disk allowances.

         2.  If your system has "csh", then you need to type  "make
             csh", since csh does not have a system-wide init file.
             A small program is provided, which makes the  relevant
             check, and then calls the real csh.

         3.  Add a line to the beginning of the file "/etc/profile"
             which reads:

                     if [ -f $DQUOTAS/hogs/$LOGNAME ] ; then diskhog ; fi

             where DQUTOAS is defined  as  your  disk  quota  admin
             directory (see Makefile).

         4.  Make yourself an entry in the root crontab, which runs
             the program "dcheck" sometime during the night.

                  This will read something like:

             03      01      *       *       *       /usr/bin/dcheck

             to run at 01:30 am every night.


       3.  Using csh with diskhog

            Since   my   "csh"   doesn't   have    a    system-wide
       initialisation  file, it's difficult to intercept the logins
       of people using the c-shell.

            I decided to intercept /bin/csh itself, so I moved  the
       real  csh  to  /etc/csh, and wrote a stub program which just
       checks for a tag file, and calls diskhog  if  it  finds  it.
       Then it calls the real csh.

            This works fine on my system, but make  sure  it's  not
       going  to  interfere  with  things on your system before you
       install it.

            Have fun.


            Dave Settle, SMB Business Software, Thorn EMI Datasolve
			[ Now Universal (CMS) Ltd.]
