Bug 145494

Summary: Membership in too many groups prevents login ("getgroups: Invalid argument")
Product: [Fedora] Fedora Reporter: Kenneth Porter <shiva>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED CURRENTRELEASE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 2   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-01-31 16:19:28 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Kenneth Porter 2005-01-18 17:25:06 EST
I edited /etc/group to add myself to another group, raising my total
to 33, and I was no longer able to log in. /var/log/secure reported
"fatal: getgroups: Invalid argument". Some googling revealed the
source of the problem, that getgroups returns EINVAL when the number
of groups exceeds a kernel limit (NGROUPS_MAX in

I'm not sure what the best fix is, but one shouldn't be locked out of
logging in when another group is added to one's list. sshd should fail
in a more graceful way, for example allowing the login but without all
supplmentary groups available, and a warning issued to the login
terminal and the syslog.

See also bug 145492.
Comment 1 Tomas Mraz 2005-01-31 16:19:28 EST
It seems to be working fine in FC3.