On Jun 23, 2007, at 2:02 AM, David Laight wrote:

>
> Module Name:	src
> Committed By:	dsl
> Date:		Sat Jun 23 09:02:13 UTC 2007
>
> Modified Files:
> 	src/sys/kern: kern_auth.c
> 	src/sys/sys: kauth.h
>
> Log Message:
> Simplify the interfaces needed for sys_setgroups() and  
> sys_getgroups().
> Exposed that the kauth code holds groups in an array, but removes some
> of the knowledge of the maximum number of groups.
> Allows the syscall code to copyin/out directly to/from the cred  
> structure,
> this save a lot of faffing about with malloc/free even when compat  
> code
> has to use 16bit groups.

Please revert this change.  You're breaking a fundamental part of the  
kauth API.

If you need this capability, it should be done differently, perhaps by  
adding a some new kauth API.

-- thorpej