On Thu, Oct 08, 2009 at 02:23:11AM -0700, Casper Dik wrote: > The use for a larger number of groups is described in CR 4088757, > particular in the case of Samba servers and ADS clients; the > Samba servers map every SID to a Unix group. Users with more > than 32 groups SIDs are common. We've seen reports varying from > "64 is enough", "128 is absolutely enough" and "we've users with > more 190 group SIDS).
I've seen claims of nearly 500 groups. > Ucred routines will shrink the actual size of the ucred exchanges: the > ucred structures will "shrink to fit" and only processes which use a lot > of groups will pay for this in ucred exchanges. How does this work? The size of a ucred is not passed around, but required to be ucred_size(3C). I guess receiving code will malloc() ucred_size() bytes, receive the ucred, and realloc() to the correct, smaller size, which would be encoded in a ucred header. Or perhaps you'll be enhancing the ucredsys/doorsys syscalls so that you only alloc as much as needed? Yes, implementation details, I know. But interesting details nonetheless. Also: "yay!" Nico --
