WARNING to those running Samba on OpenIndiana or other Illumos based systems with > 16 groups
abartlet at samba.org
Tue Apr 23 18:31:20 MDT 2013
Just a heads-up, because this bug took me absolutely ages to chase down,
and I want to save others the same pain.
Samba is perhaps the most prominent reason why you might find a user in
more than 16 groups on a Unix system, and so this bug may at first
appear to be a 'Samba issue' (that certainly is why it found it's way to
my attention :-)
In short, unless the group list we supply to setgroups() is sorted, if
there are more than 16 groups, the Illumos kernel fails to honour some
of the groups. Presumably there is a bisection search being done.
The symptom for Samba users is that as a user is added to more groups,
they loose access to folders they previously had access too.
Attached is a total hack that appears to resolve the issue, but the real
fix needs to be in glibc or the kernel.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1954 bytes
Desc: not available
More information about the samba-technical