[comp.sys.sun] Limitation on number of /etc/group memberships?

dan@uunet.uu.net (Dan O'Neill) (10/03/89)

Under Sun OS 4.0, is there a limitation on the number of groups to which a
user may belong?

It seems that when a user is a member of 9 or more groups, things get very
weird at login time.  The user logs in and the following messages appear:

RPC error: Invalid authentication
/home/user-id: not owner

When the number of group memberships is reduced, things are fine once
again.  Is this a bug under 4.0?


Dan O'Neill	dan@asihub.uucp    {uunet|ncr-sd}!asihub!dan
Automated Systems, Inc.  San Diego R&D

dupuy@cs.columbia.edu (10/05/89)

> It seems that when a user is a member of 9 or more groups, things get very
> weird at login time.  The user logs in and the following messages appear:
> 
> RPC error: Invalid authentication
> /home/user-id: not owner

This is a bug in Sun NFS support in 4.0.  Under SunOS 3.x and 4.2 BSD, the
group limit was 8.  SunOS 4.0 and 4.3 BSD raise the group limit to 16, but
the NFS protocol had only 8 slots for group membership information when
using Unix authentication.

SunOS 4.0 will put more than 8 group entries into the authunix structure,
which causes problems on machines expecting the old 8 slot entries.  It
may even cause problems for other 4.0 machines, I don't remember.  Ways to
work around this might be:

	1) reduce the number of groups the user is in to 8
	2) make the user a member of a different set of 8 on different machines
	   (this can be done with entries in /etc/groups even if you use YP,
	    and can allow the user to be in as many groups as they want, though
	    they have to log in to certain machines to be in them)
	3) use secure NFS, since authdes structures have no group info
	   (this would work if standard NFS between 4.0 machines is broken, but
	    isn't much help with 3.x or other OS's, since they don't have
	    secure NFS)

eastick@me.utoronto.ca (Doug Eastick) (10/06/89)

dupuy@cs.columbia.edu writes:

>> RPC error: Invalid authentication
>> /home/user-id: not owner

>This is a bug in Sun NFS support in 4.0.  Under SunOS 3.x and 4.2 BSD, the
>group limit was 8.  SunOS 4.0 and 4.3 BSD raise the group limit to 16, but
>the NFS protocol had only 8 slots for group membership information when
>using Unix authentication.

SunOS4.0.3c wants each user to be in 8 groups or less, for the above case;
and each line in /etc/group must have less than about 30 members (~2.5
screen lines in our case) or else portmapper won't start up at boot time. I
don't know why, but we fixed it by using multi-line group entries. Eg:

	staff:joe,john,frank,harry
	staff:mary,betty,guido

With one big-long-line, portmapper won't start and any NFS mounts will
give you RPC: program not registered errors.

Doug Eastick	eastick@me.UTORONTO.BITNET	UUCP: ...!utai!me!eastick
		eastick@me.utoronto.ca

Dave_Brent@mtsg.ubc.ca (10/17/89)

I haven't seen any problem with users being in > 8 groups if you're in an
environment of SunOS 4.0/4.0.1 machines.  If this is going to cause
problems with SunOS 4.0.3, thanks for the warning!

Similarly, as far as multi-group entries go, we've got one that's got >>
30 members and the portmapper starts up fine.  Is this something else
that's going to break with 4.0.3?

Dave Brent                      Internet: Dave_Brent@mtsg.ubc.ca
Academic Operating Systems      UUCP:     ...!ubc-cs!mtsg.ubc.ca!Dave_Brent
University Computing Services   BITNET:   USERPROP@UBCMTSG
U. of British Columbia          Phone:    (604) 228-5736
Vancouver, B.C., V6T 1W5        Fax:      (604) 228-5116
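
An added example, not part of any post in this thread: a Python audit of group-file text against the two limits reported above, the 8 group slots per user and the roughly 30 members per line, treating repeated group names (the multi-line entries) as one group. It assumes the full name:passwd:gid:members line format and counts only memberships listed in the file, not the primary group from /etc/passwd; the function names and the sample data are constructed for illustration.

```python
from collections import defaultdict

# Limits as reported in the thread: 8 group slots with Unix authentication,
# and "about 30" members per /etc/group line.
MAX_GROUPS_PER_USER = 8
MAX_MEMBERS_PER_LINE = 30


def build_sample():
    """Constructed sample data (not from the thread), name:passwd:gid:members."""
    lines = ["staff:*:10:joe,john,frank,harry", "staff:*:10:mary,betty,guido"]
    lines += [f"proj{i}:*:{100 + i}:dan" for i in range(1, 10)]  # dan: 9 groups
    lines.append("proj1:*:101:joe")  # second line for an existing group
    lines.append("users:*:20:" + ",".join(f"u{i:02d}" for i in range(31)))
    return "\n".join(lines) + "\n"


def audit_group_file(text, max_groups=MAX_GROUPS_PER_USER,
                     max_members=MAX_MEMBERS_PER_LINE):
    """Return (users over the group limit, lines over the member limit)."""
    memberships = defaultdict(set)  # user -> set of group names
    long_lines = []                 # (line number, group name, member count)
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line[0] in "+-":
            continue  # blank line, or a +/- entry that refers to the YP map
        fields = line.split(":")
        if len(fields) < 4:
            continue  # not a complete group entry
        name = fields[0]
        members = [m.strip() for m in fields[3].split(",") if m.strip()]
        if len(members) > max_members:
            long_lines.append((lineno, name, len(members)))
        for user in members:
            # A set merges repeated lines for one group into one membership.
            memberships[user].add(name)
    over = {u: sorted(g) for u, g in memberships.items() if len(g) > max_groups}
    return over, long_lines


if __name__ == "__main__":
    over, long_lines = audit_group_file(build_sample())
    for user, groups in sorted(over.items()):
        print(f"{user}: {len(groups)} groups (limit {MAX_GROUPS_PER_USER})")
    for lineno, name, count in long_lines:
        print(f"line {lineno}: group {name} lists {count} members")
```

To check a real system, pass the contents of the group file (or the YP group map dumped to text) to audit_group_file in place of the sample.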