[Bug 1412] Support for users in more than 16 groups on Mac OS X.

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 22 13:24:23 EST 2008


https://bugzilla.mindrot.org/show_bug.cgi?id=1412





--- Comment #6 from Disco Vince Giffin <vgiffin at apple.com>  2008-01-22 13:24:20 ---
(In reply to comment #4)
> (In reply to comment #3)
> > (From update of attachment 1407 [details] [details])
> > Seems reasonable to me. Darren, can you see any problems with this?
> 
> I'd like to understand why it's needed first, given that there's
> already an initgroups() call in session.c.

Our (Apple's) implementation of initgroups() opts you in to using
memberd (which gives you the ability to be in more than 16 groups). 
For conformance and compatibility reasons, certain calls will opt you
out of this behavior.  The setgid() call just above this patch opts out
of using more than 16 groups.  The patch to call initgroups() again is
required to opt back in.  Basically, initgroups has to be called after
any setgroups(), setgid(), etc., if you want to use more than 16
groups.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list