Replies: 2 comments
-
|
I think you mean /usr/sadm/defadduser You could change DEFRID in /usr/include/userdefs.h But these will only affect useradd and friends. Other tooling and deployment mechanisms are free to make other choices. In Tribblix, the distro tooling reserves 100-1000 for distro purposes and starts general users at 1000. But there are no protections against users selecting any uid they like. But that's always been true, these ranges are just conventions and have no underlying meaning. |
Beta Was this translation helpful? Give feedback.
-
|
Look at https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes. Reserving higher ranges (>60000) seems to be a reasonable choice to avoid breaking existing installations (large AD/LDAP installations can be affected anyway). |
Beta Was this translation helpful? Give feedback.
-
As discussed in IRC a couple of months ago (and remembered in #6827), we might want to bump the lowest ID for (new) end-user deployments to be 1000 or 1001 for consistency with modern Linux and BSD distros, and so have more IDs that we can dedicate to system service accounts. For some time there would be an issue of legacy deployments that do have lower-numbered users, but at least situations that risk an ID conflict in a practical deployment would not proliferate then.
From that IRC discussion it seemed that part of the numbering choice (non-system starts from 100) may be buried in tools, e.g. illumos-gate code, although it is possible that some or all of that is tunable with files in /etc. And also it may be something worth fixing in the illumos ecosystem consistently, more so if it has to be fixed outside oi-userland. So far I did not investigate further.
CC @jclulow @citrus-it @ptribble and others welcome :-)
Beta Was this translation helpful? Give feedback.
All reactions