On Thu, 26 Jan 2012, Moray Henderson wrote:
Ah, so I was right to have some of my own programs check login.defs rather than relying on a hard-wired 500 everywhere! That's useful to know. What fake users are created by the install? I would expect only system accounts to be created at that point, which are supposed to have uid's outside the range of normal users.
I don't know. My current install has 38 fake users, including 0..8, 493..499 and 65534. With UID_MIN=1000, I'd expect to get some in the range 500..999. Just changing UID_MIN in %post would put them in the normal user range. As noted, getting the fixup right would be tricky.
It would be tricky to do what you want. /etc/login.defs is part of the shadow-utils package. You would need to create an rpm that would be installed onto the system after shadow-utils and before whichever packages create the users you are concerned about.
Nyet. I can barely use an rpm, much less write one.
In %post, though, you could modify the login.defs file - it will be /mnt/sysimage/etc/login.defs while the %post script is running, and use
Something else I didn't know and would have tripped over.
usermod to change the uid of any user you are particularly concerned about. Note: users with explicitly-assigned uids should not be changed. The --uid
Also, not all fake users have groups IDs the same as the UIDs. Hard as it would be to get it all right, knowing that I got it right would be even harder.
If you're freshly installing a system though, I would really recommend leaving the defaults the way they are.
It's looking like I won't have much choice. There would be too many hills to climb at once.
From http://docs.fedoraproject.org/en-US/Fedora/16/html/Release_Notes/sect-Release_Notes-Changes_for_Sysadmin.html#id3021598
"If you need to install a new system from scratch, while starting user accounts from 500 (to connect the system to a network with globally-defined UIDs), install using a kickstart script that places /etc/login.defs on the file system before package installation starts." Yeah right. BTW hennebry@xxxxxxxxxxxxxxxxxxxxx (not my computer) is user 362. UID_MIN is 1000. GID_MIN is 100. -- Michael hennebry@xxxxxxxxxxxxxxxxxxxxx "On Monday, I'm gonna have to tell my kindergarten class, whom I teach not to run with scissors, that my fiance ran me through with a broadsword." -- Lily _______________________________________________ Kickstart-list mailing list Kickstart-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/kickstart-list
