Usercreation-policy

[Bill Nottingham]

Enrico Scholz (enrico.scholz at informatik.tu-chemnitz.de) said: 
> Thoughts, comments?

As I'm sure you're aware of, historical Red Hat policy has been
(watch me forget part of this):

- users are 'registered' when a package wants them, doled out
  by hand, and recorded in a documentation file. This is currently
  in the setup package, uidgid file.
- users and groups are *not* deleted on package uninstall; as they're
  unique, that's not a big of a deal.
- users and groups are *not* reused. Even if the old package goes
  away.

As for what's doled out, the id ranges in the system are:

- 0-100 - system users
- 101-499 - reserved for local sysadmin use
- 500+ - useradd starts adding users here

Obviously, limiting things to <= 100 makes things somewhat crowded.
Currently, there are 44 UIDs and 32 GIDs free, unless I missed one.

That's actually more than I thought there were, but it's still a
number that certainly can run out in the future, depending on
how big the package list explodes.

One issue with the proposal as mentioned:

- the IDs still will not be constant across systems; it will still
  run into the filesystem sharing issue as mentioned on your
  dynamic user page; if the different systems choose a different
  base, they'll get different IDs

The simplistic proposal is, when necessary, to simply expand
the range of 'system' users. Obviously, anything you do here
is going to run into established practice somewhere, whether
you just start taking more from the 100-500 range, or start
pulling from the top of the range of userids.

Bill