[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: automatic adduser/addgroup in postinst (was Re: fingerd)



Just a comment about allocating UID's - we should try to keep the
range of UID's reserved/automatically allocated for DEBIAN systems as
small as reasonably possible.

>>>>> "Ian" == Ian Jackson <ian@chiark.chu.cam.ac.uk> writes:


    Ian> (Many things removed from the CC; debian-devel only now.)
    Ian> Craig Sanders writes ("automatic adduser/addgroup in postinst

    Ian> No, it should be an error for the preferred uid to be in use,
    Ian> at least for uids allocated in the 0-99 range.

    >> If so, this should be documented!  Perhaps uids 0-499 & 65535
    >> should be allocated by the BPM, and uids 500-999 are available
    >> for debian developers to use and experiment with until they get
    >> an official uid allocated by the BPM. uids >=1000 and < 65535
    >> are available for user accounts.

    Ian> Currently 0-99 and 65534 are allocated statically by the base
    Ian> system maintainer, 100-999 are allocated dynamically by
    Ian> adduser for system users and groups and 1000 onwards for
    Ian> ordinary users.

If I remember correctly, many commercial UN*Xes only reserve the UID's
up to about 100 or 200 for system accounts, the rest is allocated by
the adduser script (or whatever its equivalent is called). If you want
to add a DEBIAN box to a heterogeneous cluster made up of such
machines you might have a problem as the UIDs of all users on all
machines in the cluster have to be identical - at least if you want to
export home directories, the mail spool and the like. Does anybody
have a list of the conventions of other systems? On the DEC ALPHA
(osf/2), the lowest UID given to an ordinary user is 100.

What flexibility do we have in deciding in on an algorithm for
allocating system UID's/GID's that doesn't make it too hard or even
impossible to integrate a DEBIAN box into an existing cluster. Could
we provide for alternative algorithms and select one when DEBIAN gets
installed for the first time (e.g., start allocating UID's from top
down for system accounts which don't fit into the reserved range from
0-99)? 


		cheers,
			Lukas
-------------------------------------------------------------------------------
   Dr. Lukas Nellen                 | Email: lukas@teorica0.ifisicacu.unam.mx
   Depto. de Fisica Teorica, IFUNAM |
   Apdo. Postal 20-364              | Tel.:  +52 5 622 5014 ext. 218
   01000 Mexico D.F., MEXICO        | Fax:   +52 5 622 5015


Reply to: