Finally I got this to work. After trying several different things I have
gotten my user in more than 32 groups. They can now belong to 256
groups. I had to do some recompiles.
1. Downloaded Kernel Source - I am still running 2.4.9 with xfs patch.
2. edit the limits.h file in kernel source
/usr/src/linux//include/linux/limits.h
change "#define NGROUPS_MAX 32" to whatever value you need
3. edit the param.h in kernel source
/usr/src/linux/include/asm-i386/param.h
change "#define NGROUPS 32" to whatever value you need
4. recompile kernel
5. Boot to new kernel
6. Download glibc source rpm, I used glibc-2.2.4-24
7. Edit limits.h and param.h for glibc. I found these in
/usr/i386-glibc21-linux/include/linux/limits.h
/usr/include/linux/limits.h
/usr/include/asm/param.h
/usr/i386-glibc21-linux/include/asm/param.h
8. Install glibc rpm.
This should install all files in /usr/src/redhat
9. cd into /usr/src/redhat/SPEC
10. run rpm -ba glibc.spec
This will complie glibc and create the glibc RPM's
11. Install the new compiled RPMS. they should be located in
/usr/src/redhat/RPMS/i386 or i686 etc depending on your machine.
After that your groups should now be limited to whatever you set the new
value to.
Matthew Dodson
[EMAIL PROTECTED]
On Wed, 2002-07-17 at 08:44, Ed Wilts wrote:
> On Wed, Jul 17, 2002 at 06:43:42PM +0700, Kevin Myers wrote:
> > On 16 Jul 2002 09:59:29 -0500, Matthew wrote:
> >
> > >I am having a limitations problem with groups.
> >
> > What is it that you are trying to achieve? Perhaps there is another way of
> > approaching it?
>
> I'm having the same issue. What I've got is a set of 300+ users that
> need access to ~200 projects. Each user may be a member of multiple
> projects - >100 is not uncommon. Each project must be protected such
> that a user that's not a member of the project must not have access.
>
> I'm currently solving this by putting each project in a unique group,
> and then granting group access to the project. Each user that needs
> access then is made a member of the group.
>
> To make matters worse, access to the project data is done via both ftp
> and smb (and sometimes netatalk).
>
> I'm open to ideas to how else to approach this. On other platforms, I'd
> use ACLs, but they're not really ready for critical production work on
> Linux yet.
>
> --
> Ed Wilts, Mounds View, MN, USA
> mailto:[EMAIL PROTECTED]
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
