Date: Fri, 30 Oct 2015 08:20:46 -0500 From: Josh Paetzel <josh@tcbug.org> To: freebsd-fs@freebsd.org Subject: NFS --manage-gids Message-ID: <29F53220-75AB-4898-B1E4-C1BF0231E25B@tcbug.org>
next in thread | raw e-mail | index | archive | help
As anyone who is familiar with NFS is aware, auth_sys has a limit of members= hip in 16 aux groups. In today's "everything is in AD universe" it's incredibly common for an acco= unt to be in more than 16 groups. There are various solutions to this. Right now the only reasonable one on Fre= eBSD is to use Kerberos. auth_krb does not have the 16 group membership limi= t. Of course that solution is great if you already use Kerberos, but if you d= on't suggesting that as a solution does't always go over so well. The Linux crowd extended their NFS server years ago with a --manage-gids opt= ion that lets it ignore the group member ship sent over the wire by the clie= nt and look up group membership locally. Does anyone have any objections to that option getting ported to FreeBSD? Thanks, Josh Paetzel=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?29F53220-75AB-4898-B1E4-C1BF0231E25B>