Changing maximum number of groups in FBSD - is it feasible?
Igor Robul
igorr at speechpro.com
Thu Dec 8 00:30:51 PST 2005
On Wed, Dec 07, 2005 at 01:48:04PM -0500, Michael P. Soulier wrote:
> On 12/7/05, Ian Moore <no-spam at swiftdsl.com.au> wrote:
> > Hi,
> >
> > I'm toying with the idea of increasing the maximum number of groups a user can
> > belong to on one of my servers - we have a rather complex organisation and
> > we're hitting the 15 group limit for some people.
>
> Have you considered cascading groups? That's the normal workaround on
> Enterprise Unix systems like HP-UX and Solaris.
>
> Instead of putting everyong in "group", do this instead.
>
> group:*:100:group1,group2
> group1:*:101:user1,user2
> group2:*:102:user3, user4
AFAIK FreeBSD (and Linux) does not support nested groups (I'm not sure
about POSIX) :-(
So you can use ACLs (as I do now), or you can recompile world/kernel
with changed syslimits.h:
syslimits.h:#define NGROUPS_MAX 16
as I did with FreeBSD-4.X. But be careful on system upgrading.
You need compile both world and kernel because these limits get compiled
to libc, kernel and some static linked utilite and some static linked
utilites..
More information about the freebsd-questions
mailing list