[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Group limitation of 32 in Sarge with kernel 2.6

Hello,
There is a nasty limitation in Linux kernel version 2.4 that one user can't belong to more than 32 groups. This is a problem for our company because user management (e.g. for Samba) is done using groups and limit of 32 is getting too small.
This limitation has been removed from kernel 2.6 (see e.g. http://www.ussg.iu.edu/hypermail/linux/kernel/0407.3/1442.html). I tested this with Sarge and kernel 2.6, see below, but the problem still appears. I assume that even though the limitation is removed from the kernel it still exists in some user land programs and utilities. 

----[testing]--------------------------------------------

# I have Sarge with kenel 2.6
peke@paju:~$ cat /etc/debian_version
3.1
peke@paju:~$ uname -a
Linux paju 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux

# I've added myself to 32 additional groups in /etc/group
peke@paju:~$ cat /etc/group
root:x:0:
daemon:x:1:
[removed other system groups]
group1:x:10001:peke
group2:x:10002:peke
group3:x:10003:peke
group4:x:10004:peke
[removed similar groups 5-30]
group31:x:10031:peke
group32:x:10032:peke

# I'm still member of only 32 groups (7 default and 25 additional)
peke@paju:~$ groups
peke dialout cdrom floppy audio video plugdev group1 group2 group3
group4 group5 group6 group7 group8 group9 group10 group11 group12
group13 group14 group15 group16 group17 group18 group19 group20
group21 group22 group23 group24 group25
peke@paju:~$ groups | wc -w
32

# There's some folders for created groups I should be able to access
peke@paju:~$ ls -l /tmp/ | grep group
drwxrwx---  2 root group1  4096 2005-06-15 15:41 group1
drwxrwx---  2 root group25 4096 2005-06-15 15:42 group25
drwxrwx---  2 root group26 4096 2005-06-15 15:42 group26
drwxrwx---  2 root group32 4096 2005-06-15 15:42 group32

# Accessing only folders for groups 1-25 succeeds
peke@paju:~$ touch /tmp/group1/foo
peke@paju:~$ touch /tmp/group25/foo
peke@paju:~$ touch /tmp/group26/foo
touch: cannot touch `/tmp/group26/foo': Permission denied
peke@paju:~$ touch /tmp/group32/foo
touch: cannot touch `/tmp/group32/foo': Permission denied

----------------------------------------------------------
Does anyone have ideas how to overcome this problem? Is it likely that programs and/or utilities still having this problem are fixed in somewhat near future? 

TIA,
	.peke
--
Qentinel Oy, Pekka Laukkanen
pekka.laukkanen@qentinel.com, +358 40 7791909
Tekniikantie 14, 02150 Espoo, Finland
http://www.qentinel.com/
Reply to: