On Wed, 4 Aug 2010 10:06:05 -0700 David Brodbeck <brodbd@xxxxxxxxxxxxxxxx> wrote: > I've been looking at it for a while, because the 16-group limit is a problem for us, but it's a huge ball of wax. I understand the security benefits, but the sheer complexity of setting it up and then coming up with workarounds for ticket expiration has me a bit cowed. > The 16-group limit is easily avoidable if you use Linux as your NFS server and a given uid maps to the same gids on both client and server. Just run mounted with "--manage-gids". Then the gid list on an incoming request will be ignored, and replace with a gid list obtained by doing a password/group lookup on the server. NeilBrown -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
