source: postlfs/config/users.xml@ 4fe695a

10.0 10.1 11.0 11.1 7.10 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 krejzi/svn lazarus nosym perl-modules qt5new systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/test-20220226
Last change on this file since 4fe695a was 4fe695a, checked in by Krejzi <krejzi@…>, 8 years ago

Reserve more systemd users and groups (doh).

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@13226 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 7.6 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="postlfs-users-groups" xreflabel="About System Users and Groups">
9 <?dbhtml filename="users.html"?>
10
11 <sect1info>
12 <othername>$LastChangedBy$</othername>
13 <date>$Date$</date>
14 </sect1info>
15
16 <title>About System Users and Groups</title>
17
18 <indexterm zone="postlfs-users-groups">
19 <primary sortas="e-etc-passwd">/etc/passwd</primary>
20 </indexterm>
21
22 <indexterm zone="postlfs-users-groups">
23 <primary sortas="e-etc-group">/etc/group</primary>
24 </indexterm>
25
26 <indexterm zone="postlfs-users-groups">
27 <primary sortas="e-etc-login.defs">/etc/login.defs</primary>
28 </indexterm>
29
30 <para>Throughout BLFS, many packages install programs that
31 run as daemons or in some way should have a user or group name
32 assigned. Generally these names are used to map a user ID (uid) or group
33 ID (gid) for system use. Generally the specific uid or gid numbers used
34 by these applications are not significant. The exception of course, is
35 that <systemitem class='username'>root</systemitem> has a uid and gid of 0
36 (zero) that is indeed special. The uid values are stored in
37 <filename>/etc/passwd</filename> and the gid values
38 are found in <filename>/etc/group</filename>.</para>
39
40 <para>Customarily, Unix systems classify users and groups into two
41 categories: system users and regular users. The system users and groups are
42 given low numbers and regular users and groups have numeric values greater
43 than all the system values. The cutoff for these numbers is found in two
44 parameters in the <filename>/etc/login.defs</filename> configuration file.
45 The default UID_MIN value is 1000 and the default GID_MIN value is 1000. If a
46 specific uid or gid value is not specified when creating a user with
47 <command>useradd</command> or a group with <command>groupadd</command> the values
48 assigned will always be above these cutoff values.</para>
49
50 <para>Additionally, the <ulink
51 url='http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/usernames.html'>
52 Linux Standard Base</ulink> recommends that system uid and gid values should be
53 below 100.</para>
54
55 <para>Below is a table of suggested uid/gid values used in BLFS beyond those
56 defined in a base LFS installation. These can be changed as desired, but
57 provide a suggested set of consistent values.</para>
58
59 <table id="uidgid" class="uidvalues">
60 <title>UID/GID Suggested Values</title>
61 <?dbfo table-width="2in" ?>
62 <tgroup cols="3">
63 <colspec colnum="1" colwidth="1.2in"/>
64 <colspec colnum="2" colwidth=".4in"/>
65 <colspec colnum="3" colwidth=".4in"/>
66 <thead>
67 <row><entry>Name</entry><entry>uid</entry><entry>gid</entry></row>
68 </thead>
69 <tbody>
70 <row><entry>bin </entry><entry> 1</entry><entry> </entry></row>
71 <row><entry>lp </entry><entry> 9</entry><entry> </entry></row>
72 <!--<row><entry>usb </entry><entry> </entry><entry>14</entry></row> -->
73 <row><entry>adm </entry><entry> </entry><entry>16</entry></row>
74 <row><entry>atd </entry><entry>17</entry><entry>17</entry></row>
75 <row><entry>messagebus</entry><entry>18</entry><entry>18</entry></row>
76 <row><entry>lpadmin </entry><entry></entry><entry>19</entry></row>
77 <row><entry>named </entry><entry>20</entry><entry>20</entry></row>
78 <row><entry>gdm </entry><entry>21</entry><entry>21</entry></row>
79 <row><entry>fcron </entry><entry>22</entry><entry>22</entry></row>
80 <row><entry>systemd-journal</entry><entry></entry><entry>23</entry></row>
81 <row><entry>apache </entry><entry>25</entry><entry>25</entry></row>
82 <row><entry>smmsp </entry><entry>26</entry><entry>26</entry></row>
83 <row><entry>polkitd </entry><entry>27</entry><entry>27</entry></row>
84 <!-- <row><entry>courier </entry><entry>30</entry><entry>30</entry></row> -->
85 <row><entry>exim </entry><entry>31</entry><entry>31</entry></row>
86 <row><entry>postfix </entry><entry>32</entry><entry>32</entry></row>
87 <row><entry>postdrop</entry><entry> </entry><entry>33</entry></row>
88 <row><entry>sendmail</entry><entry>34</entry><entry> </entry></row>
89 <row><entry>mail </entry><entry> </entry><entry>34</entry></row>
90 <row><entry>vmailman</entry><entry>35</entry><entry>35</entry></row>
91 <row><entry>news </entry><entry>36</entry><entry>36</entry></row>
92 <row><entry>kdm </entry><entry>37</entry><entry>37</entry></row>
93 <row><entry>mysql </entry><entry>40</entry><entry>40</entry></row>
94 <row><entry>postgres</entry><entry>41</entry><entry>41</entry></row>
95 <row><entry>dovecot </entry><entry>42</entry><entry>42</entry></row>
96 <row><entry>dovenull</entry><entry>43</entry><entry>43</entry></row>
97 <row><entry>ftp </entry><entry>45</entry><entry>45</entry></row>
98 <row><entry>proftpd </entry><entry>46</entry><entry>46</entry></row>
99 <row><entry>vsftpd </entry><entry>47</entry><entry>47</entry></row>
100 <row><entry>rsyncd </entry><entry>48</entry><entry>48</entry></row>
101 <row><entry>sshd </entry><entry>50</entry><entry>50</entry></row>
102 <row><entry>stunnel </entry><entry>51</entry><entry>51</entry></row>
103 <row><entry>svn </entry><entry>56</entry><entry>56</entry></row>
104 <row><entry>svntest </entry><entry> </entry><entry>57</entry></row>
105 <!-- <row><entry>pulse </entry><entry>58</entry><entry>58</entry></row>
106 <row><entry>pulse-access</entry><entry></entry><entry>59</entry></row>
107-->
108 <row><entry>games </entry><entry>60</entry><entry>60</entry></row>
109 <row><entry>kvm </entry><entry> </entry><entry>61</entry></row>
110 <row><entry>wireshark</entry><entry> </entry><entry>62</entry></row>
111
112 <!-- Begin systemd specific users and groups -->
113 <row><entry>systemd-bus-proxy</entry><entry>63</entry><entry>63</entry></row>
114 <row><entry>systemd-journal-gateway</entry><entry>64</entry><entry>64</entry></row>
115 <row><entry>systemd-network</entry><entry>65</entry><entry>65</entry></row>
116 <row><entry>systemd-resolve</entry><entry>66</entry><entry>66</entry></row>
117 <row><entry>systemd-timesync</entry><entry>67</entry><entry>67</entry></row>
118 <!-- End systemd specific users and groups -->
119
120 <row><entry>scanner </entry><entry> </entry><entry>70</entry></row>
121 <row><entry>colord </entry><entry>71</entry><entry>71</entry></row>
122 <row><entry>ldap </entry><entry>83</entry><entry>83</entry></row>
123 <row><entry>avahi </entry><entry>84</entry><entry>84</entry></row>
124 <row><entry>avahi-autoipd</entry><entry>85</entry><entry>85</entry></row>
125 <row><entry>netdev </entry><entry> </entry><entry>86</entry></row>
126 <row><entry>ntp </entry><entry>87</entry><entry>87</entry></row>
127 <row><entry>unbound </entry><entry>88</entry><entry>88</entry></row>
128 <row><entry>anonymous</entry><entry>98</entry><entry> </entry></row>
129 <row><entry>nobody </entry><entry>99</entry><entry> </entry></row>
130 <row><entry>nogroup </entry><entry> </entry><entry>99</entry></row>
131 </tbody>
132 </tgroup>
133 </table>
134
135 <para>One value that is missing is 65534. This value is customarily assigned
136 to the user <systemitem class="username">nobody</systemitem> and group
137 <systemitem class="groupname">nogroup</systemitem> and is unnecessary.
138 </para>
139
140</sect1>
Note: See TracBrowser for help on using the repository browser.