[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#905817: UID range of DyanmicUser overlaps with existing definitions in debian-policy

On Sat, Sep 15, 2018 at 08:47:19AM -0700, Sean Whitton wrote:
> > The overlapping ranges are:
> > 60000-64999:
> >  Globally allocated by the Debian project, but only created on demand.
> >  The ids are allocated centrally and statically, but the actual accounts
> >  are only created on users’ systems on demand.

How many UID in this range are actually allocated right now?  As the
allocations are static, we can shrink the range without producing
further problems.

> > There is also:
> > 65536-4294967293:
> >  Dynamically allocated user accounts. By default adduser will not
> >  allocate UIDs and GIDs in this range, to ease compatibility with legacy
> >  systems where uid_t is still 16 bits.

This range is now used in other ways and is not longer general available
for user accounts.  systemd-nspawn uses them, but in the meantime each
local user is also assigned a range in /etc/subuid and /etc/subgid.

Due to this all, uids for normal system operation must fit into the
range 0-65534.


Beam me up, Scotty, there's no intelligent life down here!

Reply to: