Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!sundc!pitstop!sun!decwrl!pyramid!prls!mips!djl
From: djl@mips.UUCP (Dan Levin)
Newsgroups: comp.unix.wizards
Subject: Re: NGROUP limit set at 8
Message-ID: <850@winchester.UUCP>
Date: Wed, 28-Oct-87 17:22:30 EST
Article-I.D.: winchest.850
Posted: Wed Oct 28 17:22:30 1987
Date-Received: Sat, 31-Oct-87 14:35:37 EST
References: <9096@mimsy.UUCP> <7712@steinmetz.steinmetz.UUCP> <32169@sun.uucp>
Lines: 27
Keywords: NGROUP

In article <32169@sun.uucp>, guy%gorodish@Sun.COM (Guy Harris) writes:
> > No.  NGROUP is used to size an array in the kernel ucred (user's
> > credentials) structure when building a kernel.
> 
> Unfortunately, these credentials are used when the kernel makes an RPC call
> (e.g., for an NFS operation), and are also used indirectly when user-mode code
> makes RPC calls (the RPC code does a "getgroups" system call).  The number of
> groups in UNIX-authentication credentials for Sun RPC is 8 (not 10, the RPC
> Protocol Specification lies), so it can't handle more than 8 groups.  This
> means that RPC calls using UNIX authentication (such as NFS calls) won't work
> if you crank the number of groups above 8.

Not only that, but the cred struct passed over the net for UNIX auth
includes a size field for the group list (aup_len).  It was clearly
the original idea to allow variable size group lists, but the number 8
is hard coded into the SUN RPC implementation, even though the comment
just above says 10 (as does the spec...).  Interesting that the leading
implementation of a supposedly public domain protocol doesn't follow
the spec...

NB:  This is a pet peeve of mine, as the group length issue came up while
doing NFS/RPC for UMIPS-BSD, a 4.3 based kernel.

-- 
			***dan

{decwrl,pyramid,ames}!mips!djl         djl@mips.com (No, Really! Trust Me.)