+++ This bug was initially created as a clone of Bug #1103849 +++ Description of problem: I noticed that over time, our quota files have accumulated a large number of entries for deleted users. At first I thought this only happened when a gear delete failed partway through, but it looks like there's not even an attempt to unset the quota on delete. Version-Release number of selected component (if applicable): rubygem-openshift-origin-node-1.24.9-1.el6oso.noarch How reproducible: Always Steps to Reproduce: 1. create an app: rhc app create test php 2. log into the node, and note the numeric uid of the user rhc ssh test id -u 3. delete the app rhc app delete test 4. Log into the node as root, and run: repquota -v /var/lib/openshift | grep <UUID> where <UUID> is the result of the "id -u" command above. 5. See a line like: #1567 -- 0 0 1048576 0 0 80000 Actual results: A quota entry exists Expected results: Quota entries should be cleaned up when accounts are deleted. Additional info: This should simply be a matter of running this: "setquota -u <UUID> 0 0 0 0 /var/lib/openshift" immediately before the user is deleted. After the fact, you can run the command with the UID instead of UUID. --- Additional comment from Jhon Honce on 2014-06-02 14:20:38 EDT --- The disable_fs_limits() call in selinux_container#destroy() should resolve to the setquota command given in description. --- Additional comment from Andy Grimm on 2014-06-02 14:53:16 EDT --- right, should, but doesn't because you've already deleted the user entry, so you have to set quota for the numeric uid rather than the UUID. So probably the fix is just changing this in disable_fs_limits: ::OpenShift::Runtime::Node.remove_pam_limits(@container.uuid) to ::OpenShift::Runtime::Node.remove_pam_limits(@container.uid) --- Additional comment from Andy Grimm on 2014-06-02 15:34:13 EDT --- Comment #2 was obviously a copy-paste fail ... I meant: ::OpenShift::Runtime::Node.remove_quota(@container.uuid) to ::OpenShift::Runtime::Node.remove_quota(@container.uid) --- Additional comment from Meng Bo on 2014-06-03 07:25:06 EDT --- I can reproduce the bug on devenv-stage_861 with new mount point /. # repquota -v / ... #1000 -- 0 0 1048576 0 0 80000 --- Additional comment from Andy Grimm on 2014-06-03 11:16:24 EDT --- The fix actually takes a little more work due to our use of "always-resolve". Here's the patch that worked for me: https://github.com/a13m/origin-server/commit/b7a83174d85d2534b8c4223d04b1b198469e5b6e I have not gone through the tests yet, though. --- Additional comment from Rajat Chopra on 2014-06-12 15:56:48 EDT --- Fixed with pull request : https://github.com/openshift/origin-server/pull/5503
Upstream commit: commit b7a83174d85d2534b8c4223d04b1b198469e5b6e Author: Andy Grimm <agrimm> Date: Tue Jun 3 11:12:40 2014 -0400 Bug 1103849 - Remove quota for deleted gear by uid
Verified and pass on puddle-2-1-2014-08-01 Before app delete: [root@node1 ~]# repquota -v / |grep 53df1b1416ae31a6e4000009 53df1b1416ae31a6e4000009 -- 1580 0 2048576 388 0 80000 After app delete: NO quota info are left. [root@node1 ~]# repquota -v / |grep 53df1b1416ae31a6e4000009 [root@node1 ~]# repquota -v / |grep 3263
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1095.html