Home_greyopenFATE - openSUSE feature tracking > #310922
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

central system user registry

Feature state

openSUSE Distribution
Evaluation By Projectmanager


Once upon a time all systems users were defined in aaa_base via the default
/etc/passwd file. When the uid space below uid 100 got too small a new dynamic
range between 100 and 499 was introduced. So nowadays packages dynamically
create a user in %pre which gets a random uid in this range.
Disadvantage: uids are different on every system. Usually this is
not a problem but for programs that export files over the network it
is. TV recordings made by VDR for example.
useradd has a --preferred-uid option for such cases. It's possible
to specify a uid and useradd tries to use it. If it's already taken
another one is chosen.

Thefore I'd propose to leverage that feature:
- introduce a central uid registry for system users, e.g a file in aaa_base
- lower SYSTEM_UID_MAX (/etc/login.defs) to e.g. 349 and assign
"preferred uids" in the rage 350-499.
- change useradd calls in packages to a macro that transparently
decides whether a preferred uid needs to be used.


- two systems running vdr, one for recording, the other one for playback on a TV want to share recordings via nfs.

- avoid packagers picking too generic user names

- stable uids across appliances


icons/user_comment.png J. E. wrote: (7 years ago)

Recent kernels use NFS4 by default, which transmits the username rather than UID, so the issue is basically resolved in openSUSE 11.4 already.

icons/user_comment.png N. U. wrote: (7 years ago)

"Resolved" is a strong word there. :-)

Identity management is a large space with a multiplicity of complexity. There are numerous solutions in this space. For instance, NIS was invented to deal with this problem. Then LDAP solutions came along. These days, I believe Red Hat has some kind of product competing against Microsoft's Active Directory. And I'd call attention to
Novell's eDirectory product .

Anyhow, I couldn't help but comment on your use of the word "resolved" there. For the benefit of others who may be reading, I think it's worth generally waving in the direction of some of software shipped with openSUSE or compatible with the platform.

icons/user_comment.png L. N. wrote: (7 years ago)

maybe the new rpm 'collections' feature could be leveraged to avoid useradd calls in packages.

icons/user_comment.png L. N. wrote: (17 months ago)
icons/user_comment.png A. S. wrote: (6 months ago)

Is there any status update for this? What to do with this request for SLE15?

icons/user_comment.png R. T. wrote: (2 months ago)

any news?

icons/user_comment.png L. N. wrote: (2 months ago)

not from me. the request is still open and valid.

Last change: 8 weeks ago
Loading tags...
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint