[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Too many default groups in Skolelinux' LDAP schema?

On Wed, Mar 17, 2004 at 04:25:06PM +0100, Andreas Schuldei wrote:
> * Ragnar Wisloff (ragnar@skolelinux.no) [040317 10:34]:
> > There's been an entertaining discussion about this :-)
> > Let me just make the comment that too many groups will create real 
> > problems, no matter what the naming scheme is. Since NFS will honour no 
> > more than 16 groups, users logging in to a thin client server (which 
> > mounts the home dirs etc. using NFS) will risk not being able to use 
> > common file storage set aside for a specific group. We have diagnosed 
> > this problem at one school at least, where one of the teachers was a 
> > member of 28 groups.
> yes, that is a protocol problem. it is still there in nfs v3.
> perhaps it is lifted in v4, but we would not want to use that
> since it is still bleeding edge.
> there were patches since 1999 to change this but they would have
> broken the protocoll. i suggest we use them. 
> just kidding. btw: smbfs does not suffer from *that* restiction. 
> ironically enough, the groups that i introduced can *help* to
> avoid that limit, since they dont necessarily need to be
> posix-groups. we can use posix groups if file-sharing is
> necessary and others to do organisational and structural
> partitioning.

Then I would opt for changing the groups juadmin and genagegp so that
they no longer is added by default. 

Also to cause less confusion to the ones adding users and groups, I
vote for making this groups optional in wlus. When you add a user, you
may create this additional age groups, and groups like juadmin, but you
don't need to. 

Finn-Arne Johansen 

Reply to: