From owner-freebsd-hackers@FreeBSD.ORG Thu Jul 19 02:50:59 2007 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F3A2916A402 for ; Thu, 19 Jul 2007 02:50:58 +0000 (UTC) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (ns1.ecoms.com [207.44.130.137]) by mx1.freebsd.org (Postfix) with ESMTP id CC0EC13C478 for ; Thu, 19 Jul 2007 02:50:58 +0000 (UTC) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (localhost.roq.com [127.0.0.1]) by p4.roq.com (Postfix) with ESMTP id 4D2AF4CE61 for ; Thu, 19 Jul 2007 02:21:01 +0000 (GMT) Received: from smitch7.jumbuck.com (p82.jumbuck.com [206.112.99.82]) by p4.roq.com (Postfix) with ESMTP id 254DC4CE39 for ; Thu, 19 Jul 2007 02:21:01 +0000 (GMT) Received: from smitch7.jumbuck.com (mail.jumbuck.com [206.112.99.82]) by smitch7.jumbuck.com (Postfix) with ESMTP id 8F190410C8B; Thu, 19 Jul 2007 02:19:54 +0000 (UTC) Received: from beaste5.jumbuck.com (ppp198-18.static.internode.on.net [59.167.198.18]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smitch7.jumbuck.com (Postfix) with ESMTP id 404F9410C06; Thu, 19 Jul 2007 02:19:54 +0000 (UTC) Received: from beaste5.jumbuck.com (beast5 [192.168.46.105]) by beaste5.jumbuck.com (Postfix) with ESMTP id 79EF0209D1A9; Thu, 19 Jul 2007 12:19:53 +1000 (EST) Received: from [192.168.46.102] (unknown [192.168.46.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by beaste5.jumbuck.com (Postfix) with ESMTP id 52EAD209D195; Thu, 19 Jul 2007 12:19:53 +1000 (EST) Message-ID: <469ECA49.8050101@thebeastie.org> Date: Thu, 19 Jul 2007 12:19:53 +1000 From: Michael Vince User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.8.1.4) Gecko/20070604 SeaMonkey/1.1.2 MIME-Version: 1.0 To: Julian Elischer References: <200706051149.45787.rapopp@eastcentral.edu> <4665B28A.7060608@elischer.org> In-Reply-To: <4665B28A.7060608@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-hackers@freebsd.org, rapopp@eastcentral.edu Subject: Re: kern.ngroups question X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jul 2007 02:50:59 -0000 Julian Elischer wrote: > Reuben A. Popp wrote: >> Hello all, >> >> Can someone explain to me the rationale behind having ngroups_max set >> to 16 by default? >> > > NFS only supports this much by default (from memory). > > Samba (in the guise of Jeremy Allison) > has asked us to follow Linux's lead and support an arbitrary number of > Groups > but it hasn't happened yet, Partly due to the question of "what to do > about NFS" and partly just due to ENOTIME. I think at the very least that there should be some more obvious warnings about this potentially serious limitation in either release notes of FreeBSD and or Samba. I just had to deal with this limitation and it was quite annoying to say the least, it appears Samba is somewhat deliberately designed to give you a hard time when you run into this limit, because as soon as you add a user to more than 16 groups it declares the group file unreadable and as a security measure shuts down all shares and authentication which wrecks a network which relies on Samba. Also as far as I know Solaris and Linux has long gone past this limitation. Mike