Maximum setting for ID group membership
I am using RHEL 4 and have a situation where an ID belonging to multiple groups does not take on the permissions of more than 16 groups.
-Is there a setting for an ID's group membership limit (I have heard it is 32 in RHEL 3 (with a default of 16) and 65536 in RHEL 4) -What is the maximum this can be set? -Are there any side-effects to setting this higher than the default? (I read that setting it will cause NFS to malfunction) The research I have performed suggests this is NGROUPS_MAX here is some output from my system # getconf NGROUPS_MAX 65536 Any ideas? |
I wonder if it might be a glibc limit if the library was compiled with XOPEN2k defined:
Code:
grep -n NGROUPS_MAX -A3 -B3 /usr/include/bits/posix1_lim.h http://www.ussg.iu.edu/hypermail/lin...10.0/0465.html These limits of course are in the source which would mean recompiling. What is the value of /proc/sys/ngroups_max? Something in the back of my mind is telling me that using a different kernel version available might help, such as a 2.6 instead of 2.4 version kernel, or the memory page size the kernel uses. However, looking around on my laptop (64bit suse) everything points to 65536 max groups that can be assigned to a process. A search in a mailing list for rhel4 might reveal the answer. |
Quote:
65536 Thanks for the reply |
What architecture are you using? Some seem to have lower limits in the kernel source. Particularly KERN_NGROUPS_MAX.
What does "sudo /sbin/sysctl kernel.ngroups_max" return. I think it will be the same as /proc/sys/ngroups_max. If it had been 8, you may be able to use sysctl to increase it. |
Quote:
The architecture is AMD 64, Red Hat Enterprise Linux Advanced Server 4.04 |
Everything seems to indicate that you should have 65536 max groups associated with a process. Maybe the problem is somewhere else.
|
All times are GMT -5. The time now is 02:55 AM. |