On 09/07/2024 05:22, Otto Kekäläinen wrote:
While rare, it is possible for a user to be a member in more groups than
what the system limit allows (on Linux typically NGROUPS_MAX=65536) and
if that is the case, running `id` or `id user` will not print all of
them. This is a minor bug, but easily fixable by emitting a warning if
it happens.
---
src/id.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/id.c b/src/id.c
index 38d5517bd..c572b2d99 100644
--- a/src/id.c
+++ b/src/id.c
@@ -401,6 +401,13 @@ print_full_info (char const *username)
ok &= false;
return;
}
+ else if (sysconf(_SC_NGROUPS_MAX) > 0 && n_groups >
sysconf(_SC_NGROUPS_MAX))
+ {
+ fprintf (stderr,
+ _("Warning: User '%s' may be member of more groups than "\
+ "the system allows\n"),
+ (username != NULL) ? username : "");
+ }
if (n_groups > 0)
fputs (_(" groups="), stdout);
I'm a bit confused with this patch.
If the n_groups is larger than NGROUPS_MAX what consequence will it have?
I.e. is there any point to id(1) warning about this edge case?
id will be able to show all of the n_groups in this case right?
I interpret NGROUPS_MAX as a static limit(ation),
which more dynamic interfaces (like getgrouplist) are not constrained to.
cheers,
Pádraig