I'd like to be able to set up a default user quota for members of a group if they don't have a specific user quota defined. The idea is that by default, they'd have this standard quota but if a specific entry for them was made in the aquota.user file that specific quota would apply and override the default.
Is this even possible?
On RedHat-based systems (at least) such as Fedora and CentOS you can use the edquota command to edit the quotas set for an individual user or a group.
You'll have to setup the file system to support quotas and use the quotacheck command to setup and create the quota files (aquota.user and aquota.group) which it sounds like you already have if you have user quotas defined, and then use edquota to actually edit the quotas.
See this RedHat document for a more in-depth description on how to implement quotas and apply them to groups and see the man page for edquota here.
You can use the -p option on edquota to prototype a quota from a group or user to another user or set of users.
No, that's not possible.
From the file system's point of view, quota is checked against the group and owner of the file. The user id and (primary and secondary) group IDs of the process are irrelevant here, they only affect whether the user is permitted to
chgrp()
the file and therefore have it count against another group's quota.Group membership is set for a process when the user logs in, and inherited by child processes, so this is always just a snapshot. Tools like
sg
allow a user to start a process that is a member of an additional group, so the file system can see inconsistent group memberships from different processes belonging to the same user.There is no system-wide (or organization-wide, if you use something like NIS) notification system that could be used to update the file system's accounting information when a user joins or leaves a group; editing
/etc/group
does not trigger any action, and/etc/group
is not the only mechanism that can be used to define a group.A higher-level tool could implement this, but you'd need to also define a mechanism that updates the file system's quota limits accordingly when group membership changes.