Group Access control - 100 groups

Group Access control - 100 groups

Post by Dwight Ed » Sat, 29 Jul 1995 04:00:00



We have a large Sun Unix environment with approximalty 100 workstations
running Sun OS 4.1.x and 300+ users. We also have multiple file servers
running a combination of Sun OS 4.1.3 and Solaris 2.3.

We have a configuration management function on line to facilitate design data
transfers, version control, archiving, etc. In order to perform this fucntion
we have several people who must have write access to over 100 groups. These
people are listed in all the groups in the group file but we have several
problems because the standard UNIX limit for number of groups you can be in is
16 (or 17). When logging in we (I am one of the people in 100 groups) get a
warning message "init: in too many groups" (not an exact quote). Some network
applications have a problem with this unexpected response when opening a
connection.

The bigger problem, however, is that we are only able to be recognized as
being in 16 or 17 groups at one time and we have not found a way to control
which 16 we are in. Consequently, we are using newgrp to switch the default
group. This is a pain in the ____ because it starts a new shell and does not
allow for direct control of which set of groups one is in at a given time.

We have not wanted to increase the allowed number of groups for fear this will
be incompatiable with some applications. Also, don't know what the correct
maximum number is.

Sorry for the long explination. Does anyone have any ideas or relevant
experience?

                            wmw
                           (o o)
        ----------------ooO-(_)-Ooo----------------
       / Dwight Eddy         EDE System Engineer   \
       \ Lockheed Sanders    Phone: 603-885-4636   /
       / MS NCA01-2244       Fax:   603-885-9056   \
       \ 95 C*Street     Pager: 603-599-7676   /
       / Nashua, NH 03061                          \

        -------------------------------------------

 
 
 

1. cannot set up UMASK or groups so that users from one group cannot access other groups

Hi

First let me describe what I would like to set up to clarify things:

Scenario:

I would like to set up 3 groups, lets call them A, B, C. Users from A should
have access files created by users in B or C. Users in B or C cannot access
files created by users in A. Also users in B or C should not have access to
each others files.

How would I set up Umask to handle this? I've tried to create a primary
group for all and secondary groups to reflect the permissions I'm after, but
to no avail.

Any ideas?

Many thanks in advance.

Jon

2. posgreSQL on AIX 4.3.2

3. grouping a group to a group?

4. Wampes on Linux ..... some problems

5. Keeping groups, groups and groups straight

6. Stop DHCP from changing hostname?

7. GROUPS CONTAINING OTHER GROUPS (/etc/group)

8. e2fsck shows errors but hdb works OK

9. /etc/group groups inside of groups?

10. user and group management - how to emulate groups into groups in linux ?

11. Group without access to /etc/groups

12. Using GROUPS to control access ????

13. help: netscape server group access control