On Thu, Jul 08, 1999 at 10:45:41AM +0100, lucas vossberg wrote:
> hi,
>
> i 'm trying to raise the 32-groups-per-user limit in my 2.0.33 kernel
> running on a single cpu pentium system.
>
> is it a possible and safe way to raise the limit to 64 or even more by just
> setting NGROUPS_MAX in include/linux/limits.h?
>
> any help very much appreciated,
>
> please set me on "cc" since i am not a member of this list.
> thank you.
> lucas
We've done that on linux-2.2.10-ac8 by applying two patches (attached),
one for the linux kernel and one for glibc-2.0.7-17 (they are almost
identical). The main library problem is the function initgroups() which
appeared to use a #define for the maximum number of groups. We have only
replaced /lib/libc-2.0.7.17 for this. It would be nicer if a separate
small system call library existed, offering a user mode sysconf() for the
_SC_NGROUPS_MAX parameter (and others). It could even try to calculate
it instead of using a #define from the linux include files.
Note that when you are using NFS there is a hardcoded limit in the
underlying RPC protocol of 16 groups. The first 16 groups are passed
to the server for permission checking, the others are ignored. I've
finished a patch for 2.2.10-ac8 which maintains a dynamic group list for
RPC, assuming the server will do UNIX style permission checking. If the
NFS client is not able to pass all groups then it might as well make a
reasonable selection of which groups to pass.
We are happily running linux-2.2.10-ac8 with 256 groups, even on NFS. I'll
first finish a similar patch for linux-2.3.9 (10?) before putting it
all on the mailing list.
-- Frank--Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="linux-ngroups.patch"
--- linux/include/asm-i386/param.h.orig Tue Aug 1 17:08:17 1995 +++ linux/include/asm-i386/param.h Fri Jun 25 15:21:21 1999 @@ -8,7 +8,7 @@ #define EXEC_PAGESIZE 4096 #ifndef NGROUPS -#define NGROUPS 32 +#define NGROUPS 256 #endif #ifndef NOGROUP --- linux/include/linux/limits.h.orig Tue Dec 2 22:44:40 1997 +++ linux/include/linux/limits.h Fri Jun 25 15:17:00 1999 @@ -3,7 +3,7 @@ #define NR_OPEN 1024 -#define NGROUPS_MAX 32 /* supplemental group IDs are available */ +#define NGROUPS_MAX 256 /* supplemental group IDs are available */ #define ARG_MAX 131072 /* # bytes of args + environ for exec() */ #define CHILD_MAX 999 /* no limit :-) */ #define OPEN_MAX 256 /* # open files a process may have */
--Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="glibc-2.0.7-ngroups.patch"
--- glibc-2.0.7/linux/include/asm-i386/param.h.orig Tue Aug 1 17:08:17 1995 +++ glibc-2.0.7/linux/include/asm-i386/param.h Fri Jun 25 15:21:21 1999 @@ -8,7 +8,7 @@ #define EXEC_PAGESIZE 4096 #ifndef NGROUPS -#define NGROUPS 32 +#define NGROUPS 256 #endif #ifndef NOGROUP --- glibc-2.0.7/linux/include/linux/limits.h.orig Tue Dec 2 22:44:40 1997 +++ glibc-2.0.7/linux/include/linux/limits.h Fri Jun 25 15:17:00 1999 @@ -3,7 +3,7 @@ #define NR_OPEN 1024 -#define NGROUPS_MAX 32 /* supplemental group IDs are available */ +#define NGROUPS_MAX 256 /* supplemental group IDs are available */ #define ARG_MAX 131072 /* # bytes of args + environ for exec() */ #define CHILD_MAX 999 /* no limit :-) */ #define OPEN_MAX 256 /* # open files a process may have */
--Nq2Wo0NMKNjxTN9z--
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/