Hello, at the moment static system level uid/gid's are handled by setup package and /usr/share/doc/setup-*/uidgid file. There is threshold of system uid/gid's - it's uid/gid 100. Another way to reserve "static" uid/gid reservation is http://fedoraproject.org/wiki/PackageUserRegistry ... usable only for Fedora and only semi-static (as base id could be easily changed). As we are running out of the free uid/gid's in uidgid reservation file (no free gid's in fact at the moment), it has to be solved somehow... there are quite often requests for uidgid reservations as it increases security in many cases... What's the best way to handle that situation? One possibility is to increase the threshold of system level id's (to 200? 300?), another is to check current reservation and clean long-term unused reservations (I doubt there are many such cases, so it's only temporary solution). Other could be sharing groups (as static uid's are still available), but that's not always good solution. Any other idea or some prefered solution? Greetings, Ondřej Vašík
Attachment:
signature.asc
Description: Toto je =?UTF-8?Q?digit=C3=A1ln=C4=9B?= =?ISO-8859-1?Q?_podepsan=E1?= =?UTF-8?Q?_=C4=8D=C3=A1st?= =?ISO-8859-1?Q?_zpr=E1vy?=
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
