Date: Thu, 8 Dec 2005 11:30:15 +0300 From: Igor Robul <igorr@speechpro.com> To: freebsd-questions@freebsd.org Subject: Re: Changing maximum number of groups in FBSD - is it feasible? Message-ID: <20051208083015.GE89624@sysadm.stc> In-Reply-To: <fb6605670512071048h4235c584l48574cda7a2214a2@mail.gmail.com> References: <200512071741.57495.no-spam@swiftdsl.com.au> <fb6605670512071048h4235c584l48574cda7a2214a2@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 07, 2005 at 01:48:04PM -0500, Michael P. Soulier wrote: > On 12/7/05, Ian Moore <no-spam@swiftdsl.com.au> wrote: > > Hi, > > > > I'm toying with the idea of increasing the maximum number of groups a user can > > belong to on one of my servers - we have a rather complex organisation and > > we're hitting the 15 group limit for some people. > > Have you considered cascading groups? That's the normal workaround on > Enterprise Unix systems like HP-UX and Solaris. > > Instead of putting everyong in "group", do this instead. > > group:*:100:group1,group2 > group1:*:101:user1,user2 > group2:*:102:user3, user4 AFAIK FreeBSD (and Linux) does not support nested groups (I'm not sure about POSIX) :-( So you can use ACLs (as I do now), or you can recompile world/kernel with changed syslimits.h: syslimits.h:#define NGROUPS_MAX 16 as I did with FreeBSD-4.X. But be careful on system upgrading. You need compile both world and kernel because these limits get compiled to libc, kernel and some static linked utilite and some static linked utilites..
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051208083015.GE89624>