[Pkg-shadow-devel] Bug#325436: Limit of 32 groups per users

Sylvain Beucler beuc at gnu.org
Sun Aug 28 17:08:20 UTC 2005 

Package: passwd
Version: 1:4.0.3-31sarge5
Severity: important

We would really need to get more groups per users in our stable
installation.

The stable kernel has a limit of 65536 groups per users:
$ cat /proc/sys/kernel/ngroups_max
65536

However usermod is still limited to 32 users:
$ usermod -G testgroup1,testgroup2,testgroup3,testgroup4,testgroup5,testgroup6,testgroup7,testgroup8,testgroup9,testgroup10,testgroup11,testgroup12,testgroup13,testgroup14,testgroup15,testgroup16,testgroup17,testgroup18,testgroup19,testgroup20,testgroup21,testgroup22,testgroup23,testgroup24,testgroup25,testgroup26,testgroup27,testgroup28,testgroup29,testgroup30,testgroup31,testgroup32,testgroup33,testgroup34,testgroup35,testgroup36,testgroup37,testgroup38,testgroup39,testgroup40,testgroup41,testgroup42,testgroup43,testgroup44,testgroup45,testgroup46,testgroup47,testgroup48,testgroup49,testgroup50,testgroup51,testgroup52,testgroup53,testgroup54,testgroup55,testgroup56,testgroup57,testgroup58,testgroup59,testgroup60,testgroup61,testgroup62,testgroup63,testgroup64,testgroup65,testgroup66,testgroup67,testgroup68,testgroup69,testgroup70,testgroup71,testgroup72,testgroup73,testgroup74,testgroup75,testgroup76,testgroup77,testgroup78,testgroup79,testgroup80,testgroup81,testgroup82,testgroup83,testgroup84,testgroup85,testgroup86,testgroup87,testgroup88,testgroup89,testgroup90,testgroup91,testgroup92,testgroup93,testgroup94,testgroup95,testgroup96,testgroup97,testgroup98,testgroup99,testgroup100 test
usermod: too many groups specified (max 32).



Incidentally 'id' is also limited to 32
users. sysconf(_SC_NGROUPS_MAX) also returns 32.

stable's /usr/include/linux/limits.h has NGROUPS_MAX set to 32. In
testing and unstable it is set to 65536.


The usermod limitation happens in stable and testing (tested with
their respective default kernel), but not in unstable (tested with the
testing kernel - all tested kernels having ngroups_max=65536).


Basically we have a kernel without the limitation, but the executables
have the limitation, which was probably set at compile time.


Do you know what's the origin of the limitation, and how it could be
fixed to match the default kernel's?

-- 
Sylvain
GNU Savannah: http://savannah.gnu.org

More information about the Pkg-shadow-devel mailing list