From owner-freebsd-hackers@FreeBSD.ORG Wed Jun 6 21:41:59 2007 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0EE8D16A469 for ; Wed, 6 Jun 2007 21:41:59 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185]) by mx1.freebsd.org (Postfix) with ESMTP id A070C13C45E for ; Wed, 6 Jun 2007 21:41:56 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from [192.168.2.102] ([172.21.151.3]) by smtp-1.dlr.de with Microsoft SMTPSVC(6.0.3790.1830); Wed, 6 Jun 2007 23:28:39 +0200 Message-ID: <46672710.9030508@dlr.de> Date: Wed, 06 Jun 2007 23:28:48 +0200 From: Hartmut Brandt Organization: German Aerospace Center User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: rapopp@eastcentral.edu References: <200706051149.45787.rapopp@eastcentral.edu> In-Reply-To: <200706051149.45787.rapopp@eastcentral.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 06 Jun 2007 21:28:39.0592 (UTC) FILETIME=[A6327280:01C7A881] Cc: freebsd-hackers@freebsd.org Subject: Re: kern.ngroups question X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2007 21:41:59 -0000 Reuben A. Popp wrote: > Hello all, > > Can someone explain to me the rationale behind having ngroups_max set to 16 by > default? > > I came across this issue originally when working on our Samba implementation > (samba-3 out of ports, running on 6-STABLE). We have some users that belong > to a number of groups, some of whom need to belong to more groups than the > defined hard limit. On doing a little research, I did come across the PR > detailed in http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/108552, and > continued reading the linked thread from March 2003, however this really > doesn't explain why the limit is set to 16. > > Can one adjust the value in syslimits.h on a system and then rebuild > world/ports with the expectation this will work, or is the issue more > involved then that? Is (or has) there any discussion on raising that number > to a larger value? > My desktop runs with ngroups 64 for over two years. The accounts come from an AD with a lot of groups for everything. If I remember correctly I fixed a number of issues in libc with regarding to truncating the group list when packing it into RPCs. It now just ignores the extra groups instead of dumping core :-) So if you don't need the group memberships for NFS access thing should work. harti