Michael F. Robbins on Fri, 7 Sep 2001 00:30:50 +0200



[PLUG] Max groups per user??


I have a webserver, running (originally Red Hat 6.2 based), kernel 2.4.2,
glibc 2.1.3-22, Apache 1.3.20.

I host a bunch of websites for myself and friends.  Every user stores
their HTML files in /home/[USERNAME]/public_html.  The directory
"/home/[USERNAME]" itself is owned by the user and group [USERNAME], and
has permissions 750.  The directory "/home/[USERNAME]/public_html" is
owned by the user and group [USERNAME], and has permissions 755.  Apache
runs as user/group www, and is configured with individual VirtualHost
blocks for each one.  This setup works because for each group
[USERNAME], the user "www" is a member of that group.

For example, the user "mikeweb":
 drwxr-x---    5 mikeweb  mikeweb      4096 May 11 18:40 /home/mikeweb
 drwxr-xr-x    7 mikeweb  mikeweb      4096 Jul  3 21:55 public_html
 [mikeweb@hydrogen mikeweb]$ cat /etc/group | grep mikeweb
 mikeweb:x:551:www

Anyway, problems have started to show up today because I just added
another user, "flash".  Apache reports "Forbidden" unless I do a "chmod
755 /home/flash".  When I run a "groups www" as root, it does show
"flash" as one of the groups that user www is a member of.  However, if
I run "groups" as www, it cuts off "flash".  I counted, and flash would
be the 33rd in the list (so it's only displaying the first 32).

After some searching on Google, I learned that in fact, a user can only
be a member of 32 groups.  My real question is how to proceed from
here.  Here are my current ideas:

1) Rebuild kernel/glibc/whatever else to allow more than 32 groups per
user.  That doesn't sound like fun.
2) Download and play with Linux ACLs to get something acceptable
working.  That doesn't sound like much fun either...
3) Change my policy and just make the home directories chmoded 755.  (I
don't like this because then it's trivial for someone to look in someone
else's home directory.  It's the reason why I used my group membership
scheme in the first place.)

Any other ideas?  Or a suggestion on which way to go?

Mike


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug
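
A check for the limit described in the post, added here as an example (not part of the original message): it counts how many entries in a group file list each account and names the groups that fall past the limit. The function names, the site1..site33 sample groups and the file-order assumption are constructed for illustration; the default of 32 is the figure from the post.

```shell
#!/bin/sh
# Added example (not from the original post). Reads a group(5)-format file and
# reports accounts listed in more groups than the process group list can hold.
# Memberships are counted from the member field only; if the primary group
# from /etc/passwd also takes a slot on your system, pass LIMIT-1.

# over_group_limit GROUP_FILE [LIMIT]  -> "user count" per user over LIMIT
over_group_limit() {
    awk -F: -v limit="${2:-32}" '
        $4 != "" { n = split($4, m, ","); for (i = 1; i <= n; i++) count[m[i]]++ }
        END { for (u in count) if (count[u] > limit) print u, count[u] }
    ' "$1" | sort
}

# groups_past_limit GROUP_FILE USER [LIMIT]  -> group names after the first LIMIT
# Assumes memberships are collected in file order, which matches the post:
# the most recently added group was the one cut off.
groups_past_limit() {
    awk -F: -v user="$2" -v limit="${3:-32}" '
        { n = split($4, m, ",")
          for (i = 1; i <= n; i++) if (m[i] == user) { if (++seen > limit) print $1; break } }
    ' "$1"
}

# Constructed sample: 33 per-user groups that all list "www", as in the post.
demo_group_file() {
    i=1
    while [ "$i" -le 33 ]; do
        echo "site$i:x:$((550 + i)):www"
        i=$((i + 1))
    done
    echo "staff:x:700:mikeweb,flash"
}

tmp=$(mktemp)
demo_group_file > "$tmp"
over_group_limit "$tmp"        # www 33
groups_past_limit "$tmp" www   # site33
rm -f "$tmp"
```

Run against the real /etc/group before adding a new site, the first function shows when the web server account is about to outgrow the scheme, and the second shows which home directories would start returning "Forbidden".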