RE: getgroup invalid argument in /var/adm/messages

From: Schubert, John [NTWK SVCS] (jschub01_at_sprintspectrum.com)
Date: 07/23/03

  • Next message: Greg Wooledge: "Re: getgroup invalid argument in /var/adm/messages" 
    Date: Wed, 23 Jul 2003 13:20:34 -0500
To: "Ramin Dousti" <ramin@cannon.eng.us.uu.net>

    Heh, caught again by the RTFM monster. :) I didn't think to read the man getgroups.
    I grep'd the config files, and then ultimately out of desperation the whole ssh and sshd directories for a setting. Where exactly would I find the argument for NGROUPS_MAX? (I used 'grep -i group' and didn't find any references to groups).

    Not to split hairs, but my "man getgroups" states that SETGROUP (not GETgroup) will fail when NGROUPS > NGROUPS_MAX. GETGROUP fails when "the value of gidsetsize is non-zero and less than the number of supplementary GIDs set for the calling process".

    To ask the next logical question: Where is the NGROUPS_MAX set and the number of groups the calling process is a member of? I'm a relative newby to programming, but would the calling process group list be found with as simple of a command as "groups root", since SSHd is called by root by /etc/rc2.d/S77sshd ??

    I appreciate your help.
    John

    -----Original Message-----
    From: Ramin Dousti [mailto:ramin@cannon.eng.us.uu.net]
    Sent: Wednesday, July 23, 2003 12:48 PM
    To: Schubert, John [NTWK SVCS]
    Cc: secureshell@securityfocus.com
    Subject: Re: getgroup invalid argument in /var/adm/messages

    It looks like the message is coming from:

    uidswap.c line 70:

            saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups);
            if (saved_egroupslen < 0)
                    fatal("getgroups: %.100s", strerror(errno));

    From the man pages on getgrroups:

    ...
         getgroups() will fail if:

         EINVAL The value of gidsetsize is non-zero and less
                        than the number of supplementary group IDs
                        set for the calling process.
    ...

    It means that the calling process (sshd) belongs to more groups
    than NGROUPS_MAX is defined for. Is that the case?

    Ramin

    On Wed, Jul 23, 2003 at 10:55:43AM -0500, Schubert, John [NTWK SVCS] wrote:

    > Hello,
    > I have an error message popping up in the /var/adm/messages file for sshd that reads:
    > Jul 19 04:31:35 omp sshd[21167]: [ID 800047 auth.crit] fatal: getgroups: Invalid
    > argument
    > Jul 19 05:33:19 omp sshd[15334]: [ID 800047 auth.crit] fatal: getgroups: Invalid
    > argument
    > and continues to repeat with irregularity. I have searched through the Man pages for SSH, SSHd, performed a Google search on the context of the error, and searched the list archives here. I also looked through the sshd_config file for anything out of the ordinary, and it looked ok. I have about 350 machines running SSHd, and I checked a handful of the others and they did not have the errors listed above.
    > Any ideas on what is happening or where I can look? SSHd is running and allowing people to log in. This is OpenSSH_3.2.3 (p1) installed on a Sun Netra T1120 server running Solaris 8.
    > Thanks,
    > John

  • Next message: Greg Wooledge: "Re: getgroup invalid argument in /var/adm/messages"