The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is only hapening to me or is a critical quota problem?

Discussion in 'General Discussion' started by manokiss, Feb 11, 2006.

  1. manokiss

    manokiss Well-Known Member

    Joined:
    Mar 31, 2002
    Messages:
    571
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    Just wondering if this is something hapening only to us or in other case could be a critical quota problem.....

    We have a client with a gallery program, as you know some of the directories in gallery are owned by "nobody", so wondering if the WHM calculate the space used by nobody owned files in the users account. Looks like not.

    The client have a limit of 3.2Gb and he used almost 6gb.

    WHM is only showing 1.6gb as used space but the rest of the used space are files owned by "nobody".

    Any thoughts? If cPanel is not counting the nobody owned files under each client account we have a problem guys, as you could see anyone could abuse the quota limit.

    Any idea? Is hapening this only to me?

    Thank you!
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It'll affect anyone not using phpsuexec since files created by php scripts will be owned by nobody:nobody. Since cPanel uses the *nix quota system, those files cannot be charged to the users quota.

    So, this is basically a failure of the PHP security model. There's little cPanel can do. The best that you can do is to chown files within all accounts public_html directories to the respective username:username and set permissions on those files with world read and write.

    Or switch to using phpsuexec and the problem goes away.
     
  3. erinspice

    erinspice Well-Known Member

    Joined:
    Feb 12, 2006
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    16
    Which will introduce a host of new problems, especially if the thread-starter's client is using gallery - which is NOT phpsuexec friendly. Yes, this is a normal problem.
     
  4. HostIt

    HostIt Well-Known Member

    Joined:
    Feb 22, 2003
    Messages:
    151
    Likes Received:
    1
    Trophy Points:
    18
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I don't see how cPanel can do much about it, regardless of the desires in the bugzilla entry. They can certainly count all the files when displaying the quota usage, however to enforce it requires the linux quota system. The problem here isn't with cPanel or linux or the quota system, but with PHP.
     
  6. tazmandev

    tazmandev Registered

    Joined:
    Feb 13, 2006
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Let us not install php

    So if the problem is with php perhaps we should all uninstall php. This would be an easy solving of this problem.
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Sarcasm aside, of course it's a problem with php and their lack of forethought and poor security model. The rest is other apps trying to hide those problems, the best of which is phpsuexec which had to be developed outside of official php support simply to allow php to work acceptably in a shared environment.
     
  8. HostIt

    HostIt Well-Known Member

    Joined:
    Feb 22, 2003
    Messages:
    151
    Likes Received:
    1
    Trophy Points:
    18
    I'm not following the logic. Surely cPanel can enforce their quotas any way they choose? I don't understand the reliance on the quota system.
     
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    How? They'd have to write their own kernel hooks and possibly have dedicated cPanel kernels for all the OS's they support. I cannot see them doing that because of a deficiency in one scripting language. Qutoas are not a simply matter of counting up the amount of space being used.
     
  10. HostIt

    HostIt Well-Known Member

    Joined:
    Feb 22, 2003
    Messages:
    151
    Likes Received:
    1
    Trophy Points:
    18
    What does cPanel use quotas for other than counting up the amount of space being used?
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    For limiting the amount of space an account can use, which affects:

    email
    ftp
    ssh
    php scripts creating files
    perl scripts creating files
    any scripts (e.g. shell) scripts creating files
    log files
    etc...

    All of which can only be limited effectively from with the kernel I/O routines.
     
  12. HostIt

    HostIt Well-Known Member

    Joined:
    Feb 22, 2003
    Messages:
    151
    Likes Received:
    1
    Trophy Points:
    18
    Thanks for the explanation chirpy, I had been looking at it from a very simplified point of view and didn't take into account the external elements. As you say, cPanel could very easily tally the disk usage up however they wanted (which is as far as my thought process went) but that's pointless if PHP and email can continue filling up the account - although arguably at least my clients and I would have an indication of their actual space usage.

    Oh well, I'd like to think there is a solution in there somewhere - be it cPanel 'manipulation' of the quota system or somesuch. If not, I guess I'll just have to continue dealing with the repercussions at this end :)
     
  13. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Don't get me wrong - I do wish something could be more easily done about it, but the way php developed their software is very very frustrating in a web hosting environment which they apparently didn't bother to consider.

    There are currently two main options to work around that shortcoming:

    1. Use phpsuexec, but before of its restrictions
    2. Chown and chmod files owned by nobody in /home on a regular basis

    Personally, I insist on phpsuexec on all of my servers.
     
  14. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    St. Charles, MO
    Why couldn't the totally awesome script programmers of cPanel/WHM actually create yet another small script, similar to the hundreds they already use that just runs the du command for Linux/Unix.

    It's easy to parse output in a script, numbers can be easily checked against a quota allowance, and it doesn't matter who own's what files within the /home/<username> directory, they all get counted.

    Allowances could also be made within the scripting to ignore the tmp directory or other disk space generated by the backend scripts.

    The only issue with a timed script like this is the quota would not be enforced in real time like the current system. So if a user used up a gig or two of disk space between the times the check script ran, you'd never know. On the other hand, I believe an addition of some form of this could help catch 80% of those that skirt the current quota system with files owned by nobody.

    Chuck
     
  15. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    If you're going to look at that, then you might as well write a regular cron job to chown+chmod files owned by nobody on a regular basis as already suggested so that you'd be able to use the *nix quota system.
     
Loading...

Share This Page