[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: User w/o access: Cached file properties?

Am Donnerstag 09 August 2007 22:14 schrieb Petter Reinholdtsen:
> This sound a bit like the good old NFS problem, where a user with two
> many group memberships do not get the privileges he is supposed to
> have.  It is a defect of the NFS v2 protocol, and there is a hard
> limit on 16 groups.  Users with more group membership will appear to
> not be a member of some of the groups.  Could this be the problem
> here?  'id' as the user would show the group membership.  You can
> also use wireshart to snoop on the NFS traffic to check if the
> correct groups are passed on to the NFS server.

Dear Petter,

thanks, this was a hit!

We have (only) 9 years at our schools, plus 2 roles makes 11 groups. But 
we tweaked our KDM to join users to audio, video, saned, camera, 
voice... Obviously, these "local"/temporary groups have highest 
priority, followed by LDAP groups in order as added. 

Having removed all entries from /etc/security/group.conf  - there is 
still one exceeding group.  

For some reason, KDE users are automagically members of voice, camera, 
saned ... (but not audio!). I need to remove voice. Only How??


Reply to: