Bug 121761 – Problem with use of an administrator user

Bug 121761 - Problem with use of an administrator user

Summary:	Problem with use of an administrator user

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	kernel (Show other bugs)
Sub Component:
Version:	1
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Arjan van de Ven
QA Contact:	Brian Brock
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2004-04-27 12:19 EDT by Nick Thorley
Modified:	2007-11-30 17:10 EST (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2004-06-19 11:58:26 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Nick Thorley 2004-04-27 12:19:55 EDT

Description of problem:
I have a system that is to be used as a samba server but forget samba
and consider core os users.  I have a user called administrator and
when this is used there are all kinds of problems such as problems
with groups where administrator is a member and other problems.

Version-Release number of selected component (if applicable):


How reproducible:
Create quite a few groups - 100 ish and add the user administrator to
those groups.  You will find that administrator can only get into so
many of the groups - a certain depth down the list but no further.  I
am assuming that the word administrator is a key word and should not
be used for users or group names.  I wondered if it affects a certain
number of groups - maybe that the top 40 are considered system groups
and it is ok in those and after that it is not used.

A strange problem I know but it is there

Steps to Reproduce:
1. Create 100 ish groups - in our case 100 users with a group the same
as the username and make the owner the user and the group the owners
group.
2. Add the user administrator to each users group and try to gain
access to each home directory
3. It should work until you are so far down the group list and then it
should give access denied.
  
Actual results:
Access denied after so many groups

Expected results:

Access to all groups.

Additional info:
Seems to have been a long time problem with older versions of redhat
8, 9 and fedora.  Not sure if it is a bash problem - not sure what
users and groups fall under.

Comment 1 Nick Thorley 2004-04-28 11:27:10 EDT

I have found that it is not that administrator is a keyword.  It seems
that a user can only be added to 32 secondary groups.  This in my case
administrator was added to each users group and when i hit the 32nd
user in the list then administrator could not access any users after that.

Thus please can you explain if this is a bug or an intended feature of
the kernel

Comment 2 Dave Jones 2004-06-19 11:58:26 EDT

in 2.4 kernels, there is a hard limit of 32 of the number of groups
that a user may belong to. For 2.6 kernels, this limit has been raised
iirc to 65535

Note You need to log in before you can comment on or make changes to this bug.