I think there should be no fixed limit at all for these values (or at least a very high, to prevent an error loop to consume unlimited memory). The kernel should allocate as much memory it needs to save all usernames, uids, gids, etc that exists on that system (including nis, ldap, etc.). The list of usernames, groupnames, uids, is limited because the files which contains the list have a limited lenght and usernames etc. are not generated dynamically while the system is running (except a fixed amount, for example by new packages, or manually by the system administrator).
The problem still exists in kernel kernel- 3.13.4- 200.fc20. x86_64.
The parameters values are still too low.
# sysctl -a|grep kernel.keys.root keys.root_ maxbytes = 20000 keys.root_ maxkeys = 200
kernel.
kernel.
I think there should be no fixed limit at all for these values (or at least a very high, to prevent an error loop to consume unlimited memory). The kernel should allocate as much memory it needs to save all usernames, uids, gids, etc that exists on that system (including nis, ldap, etc.). The list of usernames, groupnames, uids, is limited because the files which contains the list have a limited lenght and usernames etc. are not generated dynamically while the system is running (except a fixed amount, for example by new packages, or manually by the system administrator).