Re: Ext3 filesystem info?

Jesse Pollard (pollard@tomcat.admin.navo.hpc.mil)
Thu, 23 Sep 1999 07:25:56 -0500 (CDT)


From: "Dr. Michael Weller" <eowmob@exp-math.uni-essen.de>
>On Wed, 22 Sep 1999, Steve Dodd wrote:
>> On Wed, Sep 22, 1999 at 10:36:54AM -0400, Stefan Monnier wrote:
>>
>> > > That's a userspace thang though, not a kernel problem.
>>
>> > It seems that way, but it's not just a user-space problem because
>> > allowing users to create their own groups and to add people to them
>> > poses problems with the NGROUPS limit, unless you somehow manage to
>> > restrict the interface so that users can only add themselves to groups.
>>
>> So instead of login loading all the groups blindly, have it AND the
>> list of groups the user is allowed to be in (/etc/group or whatever entries
>> listing the user) with a list the user has declared she wants to be in,
>> stored in ~/.group or similar.. Maybe have a su-like program to spawn a shell
>
>This is a pure userspace and login issue. Problems will arise from ftp or
>other services authenticating you though, because ftpd would also need to
>know as which group member to do file access. It could use ~/.group as
>well or use some site specific FTP extension, again a user space issue.
>
>I still won't suggest anyone to do it as it is pretty non standard.
>
>With regards to NGROUPS, I'm sure it can be easily raised. It might be
>possible to handle it fully dynamic, but you still want to have a hard
>limit to stop a gone mad process to be in a set of almost 2^32 groups.
>Also there is a performance issue, any file access will have to loop
>through the list of groups to determine if you have access or not, so you
>want to keep the list small. If long lists of groups were allowed I'm sure
>one can optimize this with a binary search in a sorted list of groups, but
>this won't help much in conjunction with ACLs then.

It can't be easily raised. The problem is with NFS - the protocol only has
room for 16 entries. As long as communication with non-Linux
systems - fileservers or clients - is done, this limit must be respected.
The only way to handle it when the host supports more than 16 is to truncate
the list to 16 when dealing with the remote system. Then you get the problem
of which 16 out of N (where N > 16).

-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil

Any opinions expressed are solely my own.
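
The 16-entry limit described in the reply above is the `gids<16>` array of the AUTH_SYS (AUTH_UNIX) RPC credential. The following is an added example, not part of the original message: it encodes that credential in XDR with a keep-the-first-16 truncation and shows a group check that passes locally but fails on the server. The uid, gid values, machine name and the truncation policy are constructed assumptions.

```python
import struct

AUTH_SYS_MAX_GIDS = 16  # gids<16> in the AUTH_SYS credential body (RFC 5531)

def xdr_string(s: bytes) -> bytes:
    # XDR strings: 4-byte big-endian length, data, zero padding to 4 bytes
    pad = (4 - len(s) % 4) % 4
    return struct.pack(">I", len(s)) + s + b"\0" * pad

def encode_authsys(stamp, machine, uid, gid, gids):
    """Client side: return (credential body, groups dropped by truncation)."""
    sent, dropped = gids[:AUTH_SYS_MAX_GIDS], gids[AUTH_SYS_MAX_GIDS:]
    body = struct.pack(">I", stamp) + xdr_string(machine)
    body += struct.pack(">III", uid, gid, len(sent))
    body += struct.pack(">%dI" % len(sent), *sent)
    return body, dropped

def decode_authsys(body):
    """Server side: the only identity the server ever sees."""
    off = 4                                   # skip stamp
    (n,) = struct.unpack_from(">I", body, off)
    off += 4 + n + (4 - n % 4) % 4            # skip machinename and padding
    uid, gid, count = struct.unpack_from(">III", body, off)
    off += 12
    if count > AUTH_SYS_MAX_GIDS:
        raise ValueError("gids count exceeds the protocol limit")
    return uid, gid, list(struct.unpack_from(">%dI" % count, body, off))

def group_allows(file_gid, gid, gids):
    """Group-class match as a plain membership test over the group list."""
    return file_gid == gid or file_gid in gids

# Constructed sample: a user in 20 supplementary groups on the client
LOCAL_GIDS = list(range(2000, 2020))
body, dropped = encode_authsys(0, b"client1", 1000, 1000, LOCAL_GIDS)
uid, gid, server_gids = decode_authsys(body)

if __name__ == "__main__":
    print("sent to server:", server_gids)
    print("silently dropped:", dropped)
    print("local check, file gid 2017:", group_allows(2017, 1000, LOCAL_GIDS))
    print("server check, file gid 2017:", group_allows(2017, gid, server_gids))
```

Any file whose group falls among the dropped entries is accessible locally but denied over NFS, which is the "which 16 out of N" problem.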
