# xfs quota für hardened amd64

## Raze

Mit aktiviertem Grsec kann ich keine quota setzen:

```
strace setquota -u 1043 350 400 0 0 /dev/sda4
```

*snip

```
stat("/dev/sda4", {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 4), ...}) = 0

quotactl(Q_XGETQSTAT|USRQUOTA, "/dev/sda4", 0, {version=1, ...}) = 0

stat("/dev/sda4", {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 4), ...}) = 0

quotactl(Q_XGETQSTAT|USRQUOTA, "/dev/sda4", 0, {version=1, ...}) = 0

geteuid()                               = 0

quotactl(Q_XGETQUOTA|USRQUOTA, "/dev/sda4", 1043, 0x7b5e80f91a30) = -1 EPERM (Operation not permitted)

quotactl(Q_XSETQLIM|USRQUOTA, "/dev/sda4", 1043, {version=0, flags=0, fieldmask=0x3f, id=0, blk_hardlimit=800, blk_softlimit=700, ino_hardlimit=0, ino_softlimit=0, bcount=0, icount=0, ...}) = -1 EPERM (Operation not permitted)

write(2, "setquota: ", 10setquota: )              = 10

write(2, "Cannot write quota for 1043 on /"..., 66Cannot write quota for 1043 on /dev/sda4: Operation not permitted

) = 66

exit_group(1)                           = ?
```

Scheitert demnach bei auslesen / setzen des xfs_quotas, ich bin aber völlig ratlos und froh um jeden Tip. Deaktiviere ich grsec oder melde mich per admin-role an kann problemlos quotas setzen.

----------

