Re: Starting user UIDs at 1000 - please check your packages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 2011-07-21 at 17:08 -0400, seth vidal wrote:
> On Thu, 2011-07-21 at 17:02 -0400, Simo Sorce wrote:
> > On Thu, 2011-07-21 at 13:59 -0400, seth vidal wrote:
> > > On Thu, 2011-07-21 at 12:57 -0400, James Antill wrote:
> > > > On Wed, 2011-07-20 at 22:59 +0200, Miloslav Trmač wrote:
> > > > > On Wed, Jul 20, 2011 at 10:55 PM, James Antill <james@xxxxxxxxxxxxxxxxx> wrote:
> > > > > >  Is it really necessary to change this in %pre ... can't you just copy
> > > > > > your old login.defs file over the installed one during kickstart %post
> > > > > > (or even do it by hand, post install)?
> > > > > 
> > > > > Unfortunately it is necessary to do it in %pre because users and
> > > > > groups created in package scriptlets without specifiying an UID/GID
> > > > > explicitly get assigned 999, 998, ... .
> > > > 
> > > >  Doing it this way means it is guaranteed 100% incompatible between
> > > > versions, NFS etc. will be a giant pain for a lot of users. Would it not
> > > > be possible to change the behaviour to be more compatible (Eg. assign
> > > > the first 99 from 499-400, and then move to 999)?
> > > >  It seems like a big price to pay to go from "you may be affected" to
> > > > "we guarantee we've it".
> > 
> > Sometimes you have to break some eggs, that said I would favor changing
> > the behavior to grow from 400 up to 999 instead of grown down from 999
> > to 400, sounds more sensible.
> > 
> > > I agree. We KNOW that this will impact a number of users - many of them
> > > in a position to have to support older machines and newer machines and
> > > will be wedged with some awful solutions for a while.
> > > 
> > > If we can't go to 999 how about we go way up to the 2million+ range?
> > 
> > That would be *much* worse.
> > 
> 
> Why?

Because that range is probably use by many users of Samba (Winbindd),
where ID mapping can use any range, we recommend to set ranges above 1M
or so.

And may be used by users of FreeIPA which allocates a random range of
200k ids starting at 1M, in order to avoid conflicts if you later on
want to set up a trust between domains.

Not to mention any other custom setup where people decided to use a
higher range to avoid conflicts.

     1. Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux