Hi folks,
We tend to use unix style security on shares that are accessed via both NFS and CIFS. Being a university we have a large number of users and groups, and some folks belong to numerous groups. (We use group permissions for shared projects and some folks are members of many unix groups.)
We use NFS v3 exclusively and the auxiliary group list is passed by the NFS client in each NFS packet, and it is limited to 16 groups. This is rather inconvenient for some NFS users. Does anyone know if this is a hard NFS v3 limit?
For CIFS we authenticate via a Windows domain and the CIFS credentials are mapped to Unix credentials for unix style security. We noticed with "cifs shares -s username" that folks were being limited to 32 unix groups. I have discovered that you can do this:
options nfs.max_num_aux_groups 256
(the only legal values are 32 and 256, we have DOT 8.0.1 7-Mode.)
and now our CIFS users who belong to over 32 unix groups are getting all their groups. No help for NFS v3 but this will make several of our CIFS users happy.
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support