Weekly Edition
Return to the Kernel pageSponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
How many groups do you need?
The Linux kernel currently allows any process to be a member of up to 32
groups at the same time. As with many such limits, the 32-group allowance
is sufficient for most users, but not for all. In fact, some users have a
need for significantly more group memberships than that.
This problem came to Rusty Russell's attention; it seems there is a client down under with a need for almost 200 simultaneous groups. The client is running Samba-based servers and having to deal with NT's hierarchical group structure. So Rusty sent out a patch making the maximum number of groups adjustable via a sysctl file. If a process expands to more than 32 groups, the code will dynamicly allocate an array to store them all. Rusty's patch asked for comments, and got them in the form of a rather exasperated note from Tim Hockin. Tim has been posting a very similar patch for quite some time; LWN included a version of this patch back in October, 2002. Despite repeated posts, the patch had never been picked up and merged. In response to Tim's note, Rusty set about the task of merging the two patches. It turns out that Tim's needs were a little different, however; his customers need, for some reason, to have processes be members of up to 10,000 groups. That changes things a bit. So, among other things, the combined patch will use vmalloc() to allocate the array of group IDs should an attempt with kmalloc() fail. Since vmalloc() can create large virtual arrays in kernel space through the use of page tables, it works better when large, virtually contiguous chunks of memory are required. That approach didn't fly with Linus, however; he asked: "Have you been looking at glibc sources lately, or why do you believe that we should encourage insane usage?" These comments have led Tim to take a turn reworking the patch. In his version, the kernel maintains a list of individual pages full of group IDs when the need arises. The lists are shared and reference counted (to help avoid unnecessary copying); they are also sorted so that searches are quick. Given that Linus is "definitely happier about this one," there is a distinct possibility that it may yet find its way into the 2.6 kernel. Sometimes, getting your patch in is just a matter of waiting for somebody else to reimplement it. (Log in to post comments)
Surprising Posted Oct 2, 2003 17:03 UTC (Thu) by Ross (subscriber, #4065) [Link] I find it surprising that the kernel developer's didn't realize people wanted this. I assumed since it was on the TODO list for 2.6 that there was something holding the patch from being merged. I know several organizations that could use more than 32 secondary groups per user.
How many groups do you need? Posted Oct 10, 2003 11:53 UTC (Fri) by r.karsch (guest, #14599) [Link] More groups is really an important issue. Maybe not much people need it, but some very important project depends on it. E.g. administration software for all schools in Munich (Germany).
How many groups do you need? Posted Oct 17, 2003 13:56 UTC (Fri) by guest1 (guest, #13780) [Link] A perfect example of the closed nature of Linux kernel development.Hmm... email about increasing the number of groups...sounds interesting... who's it from? Never heard that name before... DELETE. Ah, here's an email from Rusty, must be important... increasing the number of groups? REPLY REPLY REPLY
How many groups do you need? Posted Feb 29, 2004 16:55 UTC (Sun) by tilolevante (guest, #6174) [Link] Maybe Linux kernel development is closed (I don't think so),but Tim was able to modify the kernel for his needs. With 'closed' sources, he wouldn't be able to do this. tilo
|
|||||||||||