[Nix-dev] User and group ID ranges
Christian Kauhaus
kc at flyingcircus.io
Wed Jan 13 14:02:22 CET 2016
Hi,
we are currently in the process of configuring users and groups with fixed
UID/GID numbers from a central directory on a bunch of NixOS machines.
I'd like to clarify some policy issues to avoid future ID conflicts.
The current policy, as far as I understand it, is:
* Fixed UIDs/GIDs are in the range 0 <= n < 400 (nixos/modules/misc/ids.nix).
* Dynamic IDs for system users are allocated from the range 400 <= n < 500
(nixos/modules/config/update-users-groups.pl).
* The range 500 <= n < 1000 seems currently to be reserved.
* "Normal" (human) users go into the range 1000 <= n < 30000
(nixos/modules/config/users-groups.nix).
* The range 30000 <= n < 65535 seems to be used for dynamically allocated
groups for nixbuild (?)
Is this correct?
Are there any plans on using the range 500 <= n < 1000? When I look at the
list of statically allocated UIDs below 400, I wonder if it is not like to see
an overflow.
I'm currently unsure what the policy is for 30000 <= n < 65535. Is it ok for
sites to allocate additional IDs without fear for conflict?
TIA
Christian
--
Dipl-Inf. Christian Kauhaus <>< · kc at flyingcircus.io · +49 345 219401-0
Flying Circus Internet Operations GmbH · http://flyingcircus.io
Forsterstraße 29 · 06112 Halle (Saale) · Deutschland
HR Stendal 21169 · Geschäftsführer: Christian Theune, Christian Zagrodnick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160113/6fdf495c/attachment.bin
More information about the nix-dev
mailing list