Bug 146258 - problem when users are in more than 32 groups.
Summary: problem when users are in more than 32 groups.
Status: CLOSED DUPLICATE of bug 144671
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel (Show other bugs)
(Show other bugs)
Version: 3.0
Hardware: i686 Linux
Target Milestone: ---
Assignee: dff
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2005-01-26 15:10 UTC by scott alley
Modified: 2007-11-30 22:07 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-01-27 02:15:45 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description scott alley 2005-01-26 15:10:28 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3)

Description of problem:
Our server is file serving for a group of 8 companies.  Inherently,
the linux user security model involves user,group,others for file
access permissions and user/group ownership of files.  We have
accounting people who work for multiple companies.

I, as the administrator, need to be able to do what I want such as
browse directories or files.  I am in about sixty groups.  Others are
in many groups too, which were added to groups with a script running a
command of:
/usr/sbin/usermod -G gid,gid,gid,gid,... loginName
This allows asigning a user to groups efficiently.  We then run Samba
to expose shares at a company level with folders underneath.
IE. Samba exposes share Tecnica = /tecnica
/company              (assigned to group company)
/company/accounting   (assigned to group companyacctg)
/company/credit       (assigned to group companycredit)
/company/marketing    (assigned to group companymarketing)

Unfortunately the RHEL OS, only grabs the first 32 groups of a users'
group associations.  This makes some folders(and files) inaccessible
in a very random looking fashion.  I'm not sure if it is a kernel or
PAM security limitation.

I have confirmed this problem with Tech Support on 1/25/2005.  This is
an unacceptable limitation for an Enterprise Level Operating System. 
Please advise as to when this issue will be corrected.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Add a user to more than 32 groups.
2. Run a groups command for the userid > somefilename.txt
3. Try to access a directory owned by a group exceeding the 32nd group
listed in somefilename.txt.
4. The directory will be inaccessible.

Actual Results:  The directory is inaccessible.

Expected Results:  The directory should be accessible.

Additional info:

Comment 1 scott alley 2005-01-26 15:17:26 UTC
The line above in the Bug Comments that reads:
Samba exposes share Tecnica = /tecnica
should have read Samba exposes share company = /company.

Sorry about that!
Scott Alley.

Comment 2 Ernie Petrides 2005-01-27 02:15:45 UTC

*** This bug has been marked as a duplicate of 144671 ***

Note You need to log in before you can comment on or make changes to this bug.