[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: useradd -r should start at the top of available uids



On Fri, 2006-05-05 at 19:53 +0200, Axel Thimm wrote:

> 
> What I think will most probably happen is that LSB will revise the
> need and find that the weighing of static vs dynamic sytem accounts
> which currently is 1:4 needs to be rethought

Yeah - I doubt there are very many systems that have more UIDs in the
100-499 range than in the 0-99 range.


>  and maybe the bar lifted
> from 100 to 150/200 or. What the LSB cannot do is touch anything
> higher than 500 as that will break the users' playground (breaking
> OSes is OK for the LSB ;)
> 
> To cut a long story short: We are currently allowed to use 100-499 for
> dynamic assignment, but we will most probably have to violate the LSB
> if a static uid/gid is needed as the range reserved for that is filled
> up. So it makes sense to think about moving dynamic allocation of
> uid/gid from the lower range to the upper range. E.g. the first
> useradd -r grabs 499, the next 498 and so on. That way dynamic
> allocation will not conflict with any (new) static assignments. That
> scheme is therefore future proof (at least more than the current) and
> will also survive any raising of the uid=100 border.

I like that model.
I also would like it, unless specifically told not to, to only grab a
UID if the same GID is also available.

IE if GID 499 is in use but UID 499 is not, don't use UID 499 and GID
498 - instead, use UID and GID 498 and leave UID 499 unused.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]