witek 12-19-2010 10:42 AM

NFS and 16 groups limit
I`m using Slackware with NFS share and I`ve been wondering why I had problems with access to some folders and I finally figured out that NFS limits group membership only to 16 :(

Is there a simple way to circumvent this in Slackware?

acid_kewpie 12-19-2010 10:51 AM

NFS can't limit group memberships, that doesn't make sense on a normal posix filesystem. A file just has a uid and a gid, NFS has no idea at all how many users are in the groups, that logic would have to live elsewhere. Can you demonstrate the behaviour you're referring to in more detail? if this something to do with the export on NFS maybe? Lots of groups listed in there??

witek 12-19-2010 11:37 AM

You are wrong, NFS limits number of groups a user belongs to. The limit is 16. If user belongs to more than 16 groups they are not parsed via NFS :(

acid_kewpie 12-19-2010 11:56 AM

OK, so checking around I see what you're probably referring to. It's not NFS but the RPC authentication stages. I asked you to provide more information and you didn't... just saying "you're wrong" is somewhere short of useful.

So to move forwards, do you need all these groups? 16 groups is a lot for a posix account to be part of, I'd really think that it's been poorly managed along the way to evolve into so many gorup memberships. You can apparently look to use gss authentication (kerberos) with nfsv4 to work around the default auth methods. 10 seconds on google brings up this useful blog entry:

witek 12-19-2010 01:10 PM

I`m sorry for "you are wrong" but that doesn`t matter either NFS or RPC is to blame. I cannot use more than 16 groups via NFS anyway.

I`m reading this blog entry but I don`t understand much. BTW: What NFS version does Slackware use? I found nfs-utils-1.2.2
Does it support NFS v.4? If so why isn`t this default?

acid_kewpie 12-19-2010 01:43 PM

Nfs v4 is VERY different from v2 / v3, different models and practises, it's not just a code upgrade. You should have v4 support there by default, but you'll need to read up on it, and reconfigure your clients completely too.

T3slider 12-19-2010 02:04 PM

This thread reminded me of this one, though it won't really help you.

This thread seems to still apply (unfortunately), so it will require some extra dependencies (note that they may have changed since'll have to check) and a recompile of nfs-utils. I'm not sure if enabling NFSv4 would require modifying the startup scripts or not.

witek 12-19-2010 03:07 PM


Originally Posted by T3slider (Post 4196929)
This thread seems to still apply (unfortunately)

It looks that NFS v.4 is not easily available in Slackware. Do you maybe know if other distros (ie. Fedora) have NFSv.4 compiled by default? BTW: I`m not sure if NFSv.4 alone solves the problem with 16 groups limit. Can anyone advise if this is only half of the solution and I have to change authentication method, too?

