Bug 146258 - problem when users are in more than 32 groups.
problem when users are in more than 32 groups.
Status: CLOSED DUPLICATE of bug 144671
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel (Show other bugs)
3.0
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: dff
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-26 10:10 EST by scott alley
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-01-26 21:15:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description scott alley 2005-01-26 10:10:28 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3)
Gecko/20040910

Description of problem:
Our server is file serving for a group of 8 companies.  Inherently,
the linux user security model involves user,group,others for file
access permissions and user/group ownership of files.  We have
accounting people who work for multiple companies.

I, as the administrator, need to be able to do what I want such as
browse directories or files.  I am in about sixty groups.  Others are
in many groups too, which were added to groups with a script running a
command of:
/usr/sbin/usermod -G gid,gid,gid,gid,... loginName
This allows asigning a user to groups efficiently.  We then run Samba
to expose shares at a company level with folders underneath.
IE. Samba exposes share Tecnica = /tecnica
/company              (assigned to group company)
/company/accounting   (assigned to group companyacctg)
/company/credit       (assigned to group companycredit)
/company/marketing    (assigned to group companymarketing)

Unfortunately the RHEL OS, only grabs the first 32 groups of a users'
group associations.  This makes some folders(and files) inaccessible
in a very random looking fashion.  I'm not sure if it is a kernel or
PAM security limitation.

I have confirmed this problem with Tech Support on 1/25/2005.  This is
an unacceptable limitation for an Enterprise Level Operating System. 
Please advise as to when this issue will be corrected.



Version-Release number of selected component (if applicable):
kernel-2.4.21-20

How reproducible:
Always

Steps to Reproduce:
1. Add a user to more than 32 groups.
2. Run a groups command for the userid > somefilename.txt
3. Try to access a directory owned by a group exceeding the 32nd group
listed in somefilename.txt.
4. The directory will be inaccessible.
    

Actual Results:  The directory is inaccessible.

Expected Results:  The directory should be accessible.

Additional info:
Comment 1 scott alley 2005-01-26 10:17:26 EST
The line above in the Bug Comments that reads:
Samba exposes share Tecnica = /tecnica
should have read Samba exposes share company = /company.

Sorry about that!
Scott Alley.
Comment 2 Ernie Petrides 2005-01-26 21:15:45 EST

*** This bug has been marked as a duplicate of 144671 ***

Note You need to log in before you can comment on or make changes to this bug.