Hi Moritz

On Mon, 04 May 2020 19:53:26 +0200 Moritz Muehlenhoff <j...@debian.org>
wrote:
> Package: systemd
> Severity: wishlist
> 
> The default config in adduser configures
> 
> FIRST_SYSTEM_UID=100
> LAST_SYSTEM_UID=999
> FIRST_SYSTEM_GID=100
> LAST_SYSTEM_GID=999
> 
> I'm wondering if systemd by default should ship
> 
> r     -        100-999
> 
> somewhere in /usr/lib/sysusers.d to mimic that default as well. (The
upper
> bound is already implicitly defined as a compile-time default by
means
> of passing -DSystemd-[ug]id-max=999 in debian/rules)


So, the current builtin defaults are

['system-alloc-uid-min', 'SYS_UID_MIN', 1],                       
['system-uid-max',       'SYS_UID_MAX', 999],
['system-alloc-gid-min', 'SYS_GID_MIN', 1],
['system-gid-max',       'SYS_GID_MAX', 999]]

They can be set via:

option('system-alloc-uid-min', type : 'integer', value : '-1',
       description : 'minimum system UID used when allocating')
option('system-alloc-gid-min', type : 'integer', value : '-1',
       description : 'minimum system GID used when allocating')
option('system-uid-max', type : 'integer', value : '-1',
       description : 'maximum system UID')
option('system-gid-max', type : 'integer', value : '-1',
       description : 'maximum system GID')

The upper bound is already 999, so wouldn't need to be changed.
The lower bound could be changed via 

-Dsystem-alloc-uid-min=100
-Dsystem-allow-gid-min=100

to match the debian/adduser default.

systemd-sysusers would still behave slightly different to adduser
though.
It starts with 999 and works its way down.

This is kinda nice in some way, as you can more easily distinguish
statically allocated system groups/users (via base-passwd) from
dynamically alloced system groups/users.

I.e. I probably wouldn't change that aspect of systemd-sysusers, as I
kinda like it.

Regards,
Michael

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to