I've run into an issue where permissions are failing during group permission checking (PINT_check_group).
The example case is where userA is a member of groupA. groupA has 221 member users. drwxrwx--- 1 userB groupA 4096 Mar 11 15:35 subdir The PINT_check_mode uses the sysconf call to determine the size of the buffer to use for lookups on groups and users. In this case, the users/groups are stored in LDAP. The call here is check_group_gr_buffer_size = sysconf(_SC_GETGR_R_SIZE_MAX). As a default, if we can't make the sysconf call, it is being set to 1024 bytes. For RHEL4 systems in our environments, the sysconf is also returning 1024. In the above situation, 1024 isn't a large enough buffer to allocate all of the member usernames associated with the group, and the getgrgid_r function call returns an error. As easy enough change would be to increase the buffer size used. Another idea would be to change the call up a bit to get the groups that the user is part of, and compare those groups against the group for the file. Are there any thoughts on which approach to implement? I'm not sure which would be faster in general, but in the environments I'm seeing, users are in less groups, than groups have members. If we change the logic on group checking, I'm assuming we would also want to implement a larger buffer size for both the group and user lookups.
_______________________________________________ Pvfs2-developers mailing list [email protected] http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
