> On Dec 18, 2019, at 2:31 PM, Olga Kornievskaia <aglo@xxxxxxxxx> wrote: > > On Wed, Dec 18, 2019 at 2:05 PM Trond Myklebust <trondmy@xxxxxxxxxxxxxxx> wrote: >> >> On Wed, 2019-12-18 at 12:47 -0500, Olga Kornievskaia wrote: >>> Hi folks, >>> >>> Is this a well know but undocumented fact that you can't set large >>> amount of acls (over 4096bytes, ~90acls) while mounted using >>> krb5i/krb5p? That if you want to get/set large acls, it must be done >>> over auth_sys/krb5? >>> >> >> It's certainly not something that I was aware of. Do you see where that >> limitation is coming from? > > I haven't figure it exactly but gss_unwrap_resp_integ() is failing in > if (mic_offset > rcv_buf->len). I'm just not sure who sets up the > buffer (or why rvc_buf->len is (4280) larger than a page can a > page-limit might make sense to for me but it's not). So you think it > should have been working. The buffer is set up in the XDR encoder. But pages can be added by the transport... I guess rcv_buf->len isn't updated when that happens. -- Chuck Lever
