Allow sys uid min/max and sys gid min/max to be configured #86

Merged
merged 1 commit into from Aug 12, 2015

Conversation

Projects
None yet
4 participants
@joshgarnett

This allows the system uid/gid min/max to be configured

@Rockstar04

This comment has been minimized.

Show comment
Hide comment
@Rockstar04

Rockstar04 Jul 14, 2015

Member

As long as the defaults stay within the range of all of our supported platforms (ubuntu >= 12.04, debian >= 6.0, centos >= 6.4, redhat >= 6.4, oracle >= 6.4) this seems fine to me.

Out of curisoty, what is your use case for adjusting these?

Member

Rockstar04 commented Jul 14, 2015

As long as the defaults stay within the range of all of our supported platforms (ubuntu >= 12.04, debian >= 6.0, centos >= 6.4, redhat >= 6.4, oracle >= 6.4) this seems fine to me.

Out of curisoty, what is your use case for adjusting these?

@evaryont

This comment has been minimized.

Show comment
Hide comment
@evaryont

evaryont Jul 14, 2015

I'd like to see this merged in, as well. For arch, the values are set to 500/999 instead of the defaults which leaves it at 100/999.

The benefit is that the packagers can reserve uids 1-499 for a variety of uses (dbus system user, systemd-networkd's user, ntp, etc) and I can generate my own system accounts (useradd -r) without worry about conflicts, etc.

I'd like to see this merged in, as well. For arch, the values are set to 500/999 instead of the defaults which leaves it at 100/999.

The benefit is that the packagers can reserve uids 1-499 for a variety of uses (dbus system user, systemd-networkd's user, ntp, etc) and I can generate my own system accounts (useradd -r) without worry about conflicts, etc.

@joshgarnett

This comment has been minimized.

Show comment
Hide comment
@joshgarnett

joshgarnett Jul 14, 2015

My company has reserved >= 500 for user accounts due to some legacy decisions. Any system accounts that created between 500 & 1000 currently get nuked by our configuration management system.

My company has reserved >= 500 for user accounts due to some legacy decisions. Any system accounts that created between 500 & 1000 currently get nuked by our configuration management system.

@Rockstar04

This comment has been minimized.

Show comment
Hide comment
@Rockstar04

Rockstar04 Jul 14, 2015

Member

Cool thanks for the input!

Member

Rockstar04 commented Jul 14, 2015

Cool thanks for the input!

@chris-rock

This comment has been minimized.

Show comment
Hide comment
@chris-rock

chris-rock Aug 12, 2015

Member

Thanks for adding this feature @joshgarnett

Member

chris-rock commented Aug 12, 2015

Thanks for adding this feature @joshgarnett

chris-rock added a commit that referenced this pull request Aug 12, 2015

Merge pull request #86 from joshgarnett/sys_uid_gid
Allow sys uid min/max and sys gid min/max to be configured

@chris-rock chris-rock merged commit deb817f into dev-sec:master Aug 12, 2015

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
coverage/coveralls Coverage remained the same at 100.0%
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment