Re: NGROUPS/NGROUPS_MAX

To: Edgar Fuß <ef%math.uni-bonn.de@localhost>, tech-kern%NetBSD.org@localhost
Subject: Re: NGROUPS/NGROUPS_MAX
From: Brian Buhrow <buhrow%nfbcal.org@localhost>
Date: Wed, 9 Oct 2013 07:07:54 -0700

        Hello.  The thornier issue, I think, is that unless things have
changed since I worked with this stuf last time, and that is highly
probable, the group data is passed in and out of the kernel in fixed sized
arrays.  so, you'll have to modify libc on every nfs client for every
operating system that wants to be a client of your nfs server, potentially.
I remember trying to do this a number of years ago and finding all of these
limitations in places I didn't expect.  This is why access control lists
came into being.

-Brian

On Oct 9,  3:58pm, Edgar =?iso-8859-1?B?RnXf?= wrote:
} Subject: Re: NGROUPS/NGROUPS_MAX
} > Of course.  But will it do what you want?
} I don't understand your concerns.
} 
} My intention was to let the NFS client run the modified kernel with a raised 
} group limit. Then, the process in question will be a member of more than 16 
} secondary groups which will enable it to access files readable for these 
} groups, be it on NFS or not. Where is the NFS server involved? Enforcing 
} access limits is the client's business, isn't it?
>-- End of excerpt from Edgar =?iso-8859-1?B?RnXf?=

References:
- Re: NGROUPS/NGROUPS_MAX
  - From: Edgar Fuß

Prev by Date: Re: NGROUPS/NGROUPS_MAX
Next by Date: Re: NGROUPS/NGROUPS_MAX
Previous by Thread: Re: NGROUPS/NGROUPS_MAX
Next by Thread: Re: NGROUPS/NGROUPS_MAX
Indexes:

Home | Main Index | Thread Index | Old Index