[Re-asking] Group limitation of 32 in Sarge with kernel 2.6
Hi all,
Some time ago I asked about the limitation that one person (actually a
process) can be member of only 32 groups. The problem was originally in
the kernel but ought to be solved with the 2.6 release. The problem
still exists in Debian Sarge with 2.6.8 kernel, though, as my original
message (included below) shows. The problem seems to be rather hard
since nobody replied. Just today we needed to do some extra work because
of it and I decided to ask again.
This time I would also be happy if someone could point me to another
mailing list (or other source) where to ask. Would it be appropriate to
use for example debian-devel? As an extreme measure I would also be
interested to hear about other distros that would not have this
limitation anymore.
Cheers,
.peke
-------- Original Message --------
Subject: Group limitation of 32 in Sarge with kernel 2.6
Date: Wed, 15 Jun 2005 15:59:27 +0300
From: Pekka Laukkanen <pekka.laukkanen@qentinel.com>
To: debian-user@lists.debian.org
Hello,
There is a nasty limitation in Linux kernel version 2.4 that one user
can't belong to more than 32 groups. This is a problem for our company
because user management (e.g. for Samba) is done using groups and limit
of 32 is getting too small.
This limitation has been removed from kernel 2.6 (see e.g.
http://www.ussg.iu.edu/hypermail/linux/kernel/0407.3/1442.html). I
tested this with Sarge and kernel 2.6, see below, but the problem still
appears. I assume that even though the limitation is removed from the
kernel it still exists in some user land programs and utilities.
----[testing]--------------------------------------------
# I have Sarge with kenel 2.6
peke@paju:~$ cat /etc/debian_version
3.1
peke@paju:~$ uname -a
Linux paju 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
# I've added myself to 32 additional groups in /etc/group
peke@paju:~$ cat /etc/group
root:x:0:
daemon:x:1:
[removed other system groups]
group1:x:10001:peke
group2:x:10002:peke
group3:x:10003:peke
group4:x:10004:peke
[removed similar groups 5-30]
group31:x:10031:peke
group32:x:10032:peke
# I'm still member of only 32 groups (7 default and 25 additional)
peke@paju:~$ groups
peke dialout cdrom floppy audio video plugdev group1 group2 group3
group4 group5 group6 group7 group8 group9 group10 group11 group12
group13 group14 group15 group16 group17 group18 group19 group20
group21 group22 group23 group24 group25
peke@paju:~$ groups | wc -w
32
# There's some folders for created groups I should be able to access
peke@paju:~$ ls -l /tmp/ | grep group
drwxrwx--- 2 root group1 4096 2005-06-15 15:41 group1
drwxrwx--- 2 root group25 4096 2005-06-15 15:42 group25
drwxrwx--- 2 root group26 4096 2005-06-15 15:42 group26
drwxrwx--- 2 root group32 4096 2005-06-15 15:42 group32
# Accessing only folders for groups 1-25 succeeds
peke@paju:~$ touch /tmp/group1/foo
peke@paju:~$ touch /tmp/group25/foo
peke@paju:~$ touch /tmp/group26/foo
touch: cannot touch `/tmp/group26/foo': Permission denied
peke@paju:~$ touch /tmp/group32/foo
touch: cannot touch `/tmp/group32/foo': Permission denied
----------------------------------------------------------
Does anyone have ideas how to overcome this problem? Is it likely that
programs and/or utilities still having this problem are fixed in
somewhat near future?
TIA,
.peke
--
Qentinel Oy, Pekka Laukkanen
pekka.laukkanen@qentinel.com, +358 40 7791909
Tekniikantie 14, 02150 Espoo, Finland
http://www.qentinel.com/
Reply to: