On Thu, Mar 08, 2007 at 09:48:29AM -0500, Simo Sorce wrote: > On Tue, 2007-03-06 at 15:34 -0500, Matthew Miller wrote: > > On Tue, Mar 06, 2007 at 09:28:46PM +0100, Nicolas Mailhot wrote: > > > > It only > > > > solves a few rare use cases and it's causing real problems. > > > If you call "rare use cases" every server that didn't snatch a sub-100 > > > uid while there where some room left > > > > To be clear, I'm only in favor of getting rid of it if some other way of > > rationally assigning fixed user ids is phased in. > > > Sorry to jump in in the middle of the discussion, but I really don't get > why you should have fixed uids. > Sure 1-100 is a too tiny space, Fedora should probably begin to reserve > 1-1000 or maybe 1-10000 for "system/packages" uids. > You can't fix the size problem switching from dynamic to fixed uids so I > don't see the point. FWIW we do have reserved space of up to 499. It's just that we call the first 100 fixed and the rest is randomly assigned (in a sequential bottom-to-top order). Note that there is an ancient discussion/bugzilla about having useradd -r assing from top to bottom. That would be a first step in allowing to lift the crossover line from fixed to non-fixed system accounts from say 100 to 150 or 200 after some transition time (counted in years probably). https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190523#c4: | And if /usr/share/doc/setup-*/uidgids reserves a new slot in the | future it is very likely that useradd -r will already have a | dynamical user from another package sitting on it. E.g. the setup is | not future-proof. | | So in order to not let this conflict happen neither with outsynced | packages vs /usr/share/doc/setup-*/uidgids or any futrure new static | uids/gids it makes sense to have useradd -r reserve dynamic | udis/gids from the top of the available range. We do have ~400 | uids/gids reserved for dynamical assignment and starting at 100 is | asking for trouble now that the first 100 static id have been | assigned. Alternatively you could raise the starting uid/gid bar | from 100 to 150 or 200, but starting at the top and eating through | to the bottom is better IMHO. -- Axel.Thimm at ATrpms.net
Attachment:
pgpTLlRJq43j3.pgp
Description: PGP signature
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
