fs-check - size report daemon/program


fs-check [options...] [directory]

Checks the disk usage locally for filling or full filesystems.


fs-check checks the disk usage locally as reported by the command for filling or full filesystems. It determines what filesystems to check what threshold to use for an alert, and what to do based on a user-customizable configuration file.

The program records it's process id in the file If it receives a -HUP signal the configuration file is reread.



Give rudimentary help and exit


show a CVS version string and exit

--debug integer

give debugging output. The higher the number, the more the output. Default is no debug information (0).

--df path to df-program and options

In order to get filesystem size information the program ``df'' is run and it output has to be in a format that this program recognizes. When this package was configured we look for a suitably compatible df program. However you can override this default or specify the df program explicitly with this option.

The default is

   /bin/df -t jfs -t ext2 -t ext3 -t ntfs -t reiserfs -t vfat --local
--mail mail program

When a threshold has been exceeded a report is usually mailed out. The Perl module Mail::Send can be used. However another possibility is an external program. The default program here is Mail.


Normally the program runs a disk check and then sleeps a bit. However if the -1 or --once option is used, the program is run once.

--pidfile pid file location

When fs-check start as a daemon it write its process id in a file.

Normally you shouldn't have to set this or worry about it. The default is /var/run/

--sleep seconds

When this program is run as a daemon (e.g. the --once option is not in effect) the period to wait in seconds between is set by this parameter.

--timeout seconds

When a one of the thresholds for a filesystem is exceeded, a program or script is executed. The maximum time used in executing that program can be set by --timeout.


A configuration file for fs-check specifies:

  1. what filesystems are checked/excluded. Included filesystems are specified with OWNER and excluded filesystems are specified with EXCLUDE or EXCLUDE_PAT with optionally a DEFAULT prefix.

  2. at what point to start to complain. A threshold is specified with LIMIT for filesystem space or ILIMIT for inode space with optionally a DEFAULT prefix.

  3. who to send mail when there is trouble. A mail contact is specified with OWNER with possibly a DEFAULT prefix.

  4. what program to run when there is trouble. A program to run is specified with ACTION with optionally a DEFAULT prefix.

  5. the shortest interval between which we send notifications. This is specified via MIN_INTERVAL with optionally a DEFAULT prefix.

Lines with # in column 1 or blank lines are ignored. Actually, any line that doesn't match a valid line is ignored.

So what isn't ignored? Lines that begin in column 1 with EXCLUDE, EXCLUDE_PAT, OWNER, LIMIT, ACTION, or DEFAULT. Below we give the format of each of these directives.

Case is not significant

EXCLUDE mount-point
EXCLUDE_PAT mount-point-regexp
OWNER mount-point email-address amount full
OWNER mount-point email-address
LIMIT mount-point amount full
ILIMIT mount-point amount full
ACTION mount-point script-or-program
MIN_INTERVAL mount-point seconds
DEFAULT OWNER email-address
DEFAULT OWNER email-address amount full
DEFAULT LIMIT amount full
DEFAULT ILIMIT amount full

amount full is either the percentage of the disk full or the number of bytes that need to be available. The way we distinguish the first case from the second is to add a K, KB, M, MB, G, or GB at the end. An optional % can be used to specify percent for more clarity, although if just a number is used it is taken as a percentage.

For example ``default 90'' and ``DEFAULT 90%'' are the same thing and mean that mail should be sent out on any disk that is 90% or more full unless otherwise specified by a more specific LIMIT, ILIMIT or OWNER (with amount) line.

In contrast, 4096KB, 4096k, or 4MB means that 4 megabytes must be available on the disk. You may want to use this form for say the root partition.

If there are many lines which refer to the same disk, or change the default (which can be done in a couple ways), the last one sticks.


  # This is who gets mail when something's wrong and no further specification
  default owner  rocky 95%
  # This is the program to run when no other program is specified...
  default action /usr/local/bin/fs-report
  # Limit at which to complain about i-nodes...
  default ilimit 99%
  # Don't sent out notifications if they occur less than 30 minutes
  # (1800 seconds) from the last notification
  default min_interval 1800
  # The limits for the directory which holds /tmp should not be
  # too close to the maximum limit. The file system checker stores its
  # temporary data there. So if this is too full, we won't get a useful
  # report back.
  #limit   /      70%
  #limit   /var   90%
  #limit   /usr 95%
  #limit   /src   90%
  limit    /home        90%
  action  /var /usr/local/bin/fs-report --nocore
  # Don't check any filesystem starting /cdrom...
  exclude_pat ^/mnt/cdrom
  exclude_pat ^/cdrom
  # Filesystems not listed, e.g /home, would be checked as they come
  # under the default. If you want a disk exclude them, create/uncomment
  # an exclude line such as the one below.
  exclude /mnt/floppy
  exclude /mnt/msfloppy
  exclude /mnt/cdrom
  exclude /mnt/cdrom2
  exclude /mnt/dvd


Any daemon such as this one which is sufficiently flexible is a security risk. The configuration file allows arbitrary commands to be run. In particular if this daemon is run as root and the configuration file is not protected so that it can't be modified, a bad person could have their programs run as root.

There's nothing inherent in fs-check, that requires one to run this daemon as root.

So as with all daemons, one needs to take usual security precautions that a careful sysadmin/maintainer of a computer would. If you can run any daemon as an unprivileged user (or with no privileges), do it! If not, set the permissions on the configuration file and the directory it lives in. Commands that need to be run as root you can run via sudo. On Solaris, I often run process accounting which tracks all commands run. Tripwire may be useful to track changed configuration files.


To debug a configuration file the following options are useful:

   fs-check --norun -1 --debug 2 *configuration-file*

For even more information and control try running the above under the Perl debugger, e.g.

  perl -d fs-check --norun -1 --debug *configuration-file*


My log rotation program and file removal/archival program might assist in maintenance the filesystem so it doesn't fill up.


Has a number of Unixisms and non-generalities:

Please volunteer to fix any of these.


The current version is maintained (or not) by


  Copyright (C) 2004, 2005, 2005, 2006 Rocky Bernstein, email:
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  GNU General Public License for more details.
  You should have received a copy of the GNU General Public License
  along with GNU Make; see the file COPYING.  If not, write to the
  Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
  MA 02111-1307, USA.

$Id:,v 1.26 2006/02/25 18:27:54 rockyb Exp $