shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-09 01:18:19 +03:00
Code

Merge pull request #30847 from keszybz/some-docs-updates

Browse Source 
Some docs updates
This commit is contained in:
Lennart Poettering 2024-01-31 11:09:56 +01:00 committed by GitHub
commit 4fec9fed61
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
docs/UIDS-GIDS.md
View File

@ -21,7 +21,7 @@ validity for GIDs too.
In theory, the range of the C type `uid_t` is 32-bit wide on Linux,
i.e. 0…4294967295. However, four UIDs are special on Linux:
1. 0 → The `root` super-user
1. 0 → The `root` super-user.
2. 65534 → The `nobody` UID, also called the "overflow" UID or similar. It's
where various subsystems map unmappable users to, for example file systems
@ -57,20 +57,20 @@ Distributions generally split the available UID range in two:
2. 1000…65533 and 65536…4294967294 → Everything else, i.e. regular (human) users.
Note that most distributions allow changing the boundary between system and
regular users, even during runtime as user configuration. Moreover, some older
systems placed the boundary at 499/500, or even 99/100. In `systemd`, the
boundary is configurable only during compilation time, as this should be a
decision for distribution builders, not for users. Moreover, we strongly
discourage downstreams to change the boundary from the upstream default of
999/1000.
Some older systems placed the boundary at 499/500, or even 99/100,
and some distributions allow the boundary between system and regular users to be changed
via local configuration.
In `systemd`, the boundary is configurable during compilation time
and is also queried from `/etc/login.defs` at runtime,
if the `-Dcompat-mutable-uid-boundaries=true` compile-time setting is used.
We strongly discourage downstreams from changing the boundary from the upstream default of 999/1000.
Also note that programs such as `adduser` tend to allocate from a subset of the
available regular user range only, usually 1000..60000. And it's also usually
user-configurable, too.
available regular user range only, usually 1000..60000.
This range can also be configured using `/etc/login.defs`.
Note that systemd requires that system users and groups are resolvable without
networking available — a requirement that is not made for regular users. This
network — a requirement that is not made for regular users. This
means regular users may be stored in remote LDAP or NIS databases, but system
users may not (except when there's a consistent local cache kept, that is
available during earliest boot, including in the initrd).
@ -155,15 +155,15 @@ The most important boundaries of the local system may be queried with
`pkg-config`:
```
$ pkg-config --variable=systemuidmax systemd
$ pkg-config --variable=system_uid_max systemd
999
$ pkg-config --variable=dynamicuidmin systemd
$ pkg-config --variable=dynamic_uid_min systemd
61184
$ pkg-config --variable=dynamicuidmax systemd
$ pkg-config --variable=dynamic_uid_max systemd
65519
$ pkg-config --variable=containeruidbasemin systemd
$ pkg-config --variable=container_uid_base_min systemd
524288
$ pkg-config --variable=containeruidbasemax systemd
$ pkg-config --variable=container_uid_base_max systemd
1878982656
```