source: postlfs/config/users.xml@ bb2a1624

systemd-13485
Last change on this file since bb2a1624 was bb2a1624, checked in by Krejzi <krejzi@…>, 9 years ago

Reserve new uid/gid for systemd.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/branches/systemd@16953 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 8.2 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="postlfs-users-groups" xreflabel="About System Users and Groups">
9 <?dbhtml filename="users.html"?>
10
11 <sect1info>
12 <othername>$LastChangedBy$</othername>
13 <date>$Date$</date>
14 </sect1info>
15
16 <title>About System Users and Groups</title>
17
18 <indexterm zone="postlfs-users-groups">
19 <primary sortas="e-etc-passwd">/etc/passwd</primary>
20 </indexterm>
21
22 <indexterm zone="postlfs-users-groups">
23 <primary sortas="e-etc-group">/etc/group</primary>
24 </indexterm>
25
26 <indexterm zone="postlfs-users-groups">
27 <primary sortas="e-etc-login.defs">/etc/login.defs</primary>
28 </indexterm>
29
30 <para>Throughout BLFS, many packages install programs that
31 run as daemons or in some way should have a user or group name
32 assigned. Generally these names are used to map a user ID (uid) or group
33 ID (gid) for system use. Generally the specific uid or gid numbers used
34 by these applications are not significant. The exception of course, is
35 that <systemitem class='username'>root</systemitem> has a uid and gid of 0
36 (zero) that is indeed special. The uid values are stored in
37 <filename>/etc/passwd</filename> and the gid values
38 are found in <filename>/etc/group</filename>.</para>
39
40 <para>Customarily, Unix systems classify users and groups into two
41 categories: system users and regular users. The system users and groups are
42 given low numbers and regular users and groups have numeric values greater
43 than all the system values. The cutoff for these numbers is found in two
44 parameters in the <filename>/etc/login.defs</filename> configuration file.
45 The default UID_MIN value is 1000 and the default GID_MIN value is 1000. If a
46 specific uid or gid value is not specified when creating a user with
47 <command>useradd</command> or a group with <command>groupadd</command> the values
48 assigned will always be above these cutoff values.</para>
49
50 <para>Additionally, the <ulink
51 url='http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/usernames.html'>
52 Linux Standard Base</ulink> recommends that system uid and gid values should be
53 below 100.</para>
54
55 <para>Below is a table of suggested uid/gid values used in BLFS beyond those
56 defined in a base LFS installation. These can be changed as desired, but
57 provide a suggested set of consistent values.</para>
58
59 <table id="uidgid" class="uidvalues">
60 <title>UID/GID Suggested Values</title>
61 <?dbfo table-width="2in" ?>
62 <tgroup cols="3">
63 <colspec colnum="1" colwidth="1.2in"/>
64 <colspec colnum="2" colwidth=".4in"/>
65 <colspec colnum="3" colwidth=".4in"/>
66 <thead>
67 <row><entry>Name</entry><entry>uid</entry><entry>gid</entry></row>
68 </thead>
69 <tbody>
70 <row><entry>bin </entry><entry> 1</entry><entry> </entry></row>
71 <row><entry>lp </entry><entry> 9</entry><entry> </entry></row>
72 <!--<row><entry>usb </entry><entry> </entry><entry>14</entry></row> -->
73 <row><entry>adm </entry><entry> </entry><entry>16</entry></row>
74 <row><entry>atd </entry><entry>17</entry><entry>17</entry></row>
75 <row><entry>messagebus</entry><entry>18</entry><entry>18</entry></row>
76 <row><entry>lpadmin </entry><entry></entry><entry>19</entry></row>
77 <row><entry>named </entry><entry>20</entry><entry>20</entry></row>
78 <row><entry>gdm </entry><entry>21</entry><entry>21</entry></row>
79 <row><entry>fcron </entry><entry>22</entry><entry>22</entry></row>
80 <row><entry>systemd-journal</entry><entry></entry><entry>23</entry></row>
81 <row><entry>apache </entry><entry>25</entry><entry>25</entry></row>
82 <row><entry>smmsp </entry><entry>26</entry><entry>26</entry></row>
83 <row><entry>polkitd </entry><entry>27</entry><entry>27</entry></row>
84 <row><entry>rpc </entry><entry>28</entry><entry>28</entry></row>
85 <!-- <row><entry>courier </entry><entry>30</entry><entry>30</entry></row> -->
86 <row><entry>exim </entry><entry>31</entry><entry>31</entry></row>
87 <row><entry>postfix </entry><entry>32</entry><entry>32</entry></row>
88 <row><entry>postdrop</entry><entry> </entry><entry>33</entry></row>
89 <row><entry>sendmail</entry><entry>34</entry><entry> </entry></row>
90 <row><entry>mail </entry><entry> </entry><entry>34</entry></row>
91 <row><entry>vmailman</entry><entry>35</entry><entry>35</entry></row>
92 <row><entry>news </entry><entry>36</entry><entry>36</entry></row>
93 <row><entry>kdm </entry><entry>37</entry><entry>37</entry></row>
94 <row><entry>mysql </entry><entry>40</entry><entry>40</entry></row>
95 <row><entry>postgres</entry><entry>41</entry><entry>41</entry></row>
96 <row><entry>dovecot </entry><entry>42</entry><entry>42</entry></row>
97 <row><entry>dovenull</entry><entry>43</entry><entry>43</entry></row>
98 <row><entry>ftp </entry><entry>45</entry><entry>45</entry></row>
99 <row><entry>proftpd </entry><entry>46</entry><entry>46</entry></row>
100 <row><entry>vsftpd </entry><entry>47</entry><entry>47</entry></row>
101 <row><entry>rsyncd </entry><entry>48</entry><entry>48</entry></row>
102 <row><entry>sshd </entry><entry>50</entry><entry>50</entry></row>
103 <row><entry>stunnel </entry><entry>51</entry><entry>51</entry></row>
104 <row><entry>svn </entry><entry>56</entry><entry>56</entry></row>
105 <row><entry>svntest </entry><entry> </entry><entry>57</entry></row>
106 <!-- <row><entry>pulse </entry><entry>58</entry><entry>58</entry></row>
107 <row><entry>pulse-access</entry><entry></entry><entry>59</entry></row>
108-->
109 <row><entry>games </entry><entry>60</entry><entry>60</entry></row>
110 <row><entry>kvm </entry><entry> </entry><entry>61</entry></row>
111 <row><entry>wireshark</entry><entry> </entry><entry>62</entry></row>
112 <row><entry>lightdm </entry><entry>63</entry><entry>63</entry></row>
113 <row><entry>sddm </entry><entry>64</entry><entry>64</entry></row>
114 <row><entry>scanner </entry><entry> </entry><entry>70</entry></row>
115 <row><entry>colord </entry><entry>71</entry><entry>71</entry></row>
116
117 <!-- Begin systemd specific users and groups -->
118 <row><entry>systemd-bus-proxy</entry><entry>72</entry><entry>72</entry></row>
119 <row><entry>systemd-journal-gateway</entry><entry>73</entry><entry>73</entry></row>
120 <row><entry>systemd-journal-remote</entry><entry>74</entry><entry>74</entry></row>
121 <row><entry>systemd-journal-upload</entry><entry>75</entry><entry>75</entry></row>
122 <row><entry>systemd-network</entry><entry>76</entry><entry>76</entry></row>
123 <row><entry>systemd-resolve</entry><entry>77</entry><entry>77</entry></row>
124 <row><entry>systemd-timesync</entry><entry>78</entry><entry>78</entry></row>
125 <row><entry>systemd-coredump</entry><entry>79</entry><entry>79</entry></row>
126 <!-- End systemd specific users and groups -->
127
128 <row><entry>ldap </entry><entry>83</entry><entry>83</entry></row>
129 <row><entry>avahi </entry><entry>84</entry><entry>84</entry></row>
130 <row><entry>avahi-autoipd</entry><entry>85</entry><entry>85</entry></row>
131 <row><entry>netdev </entry><entry> </entry><entry>86</entry></row>
132 <row><entry>ntp </entry><entry>87</entry><entry>87</entry></row>
133 <row><entry>unbound </entry><entry>88</entry><entry>88</entry></row>
134 <row><entry>plugdev </entry><entry> </entry><entry>90</entry></row>
135 <row><entry>anonymous</entry><entry>98</entry><entry> </entry></row>
136 <row><entry>nobody </entry><entry>99</entry><entry> </entry></row>
137 <row><entry>nogroup </entry><entry> </entry><entry>99</entry></row>
138 </tbody>
139 </tgroup>
140 </table>
141
142 <para>One value that is missing is 65534. This value is customarily assigned
143 to the user <systemitem class="username">nobody</systemitem> and group
144 <systemitem class="groupname">nogroup</systemitem> and is unnecessary.
145 </para>
146
147</sect1>
Note: See TracBrowser for help on using the repository browser.