username/uid restrictions

Mike McCarty mike.mccarty at sbcglobal.net
Fri Dec 2 19:45:28 UTC 2005 

T. Horsnell wrote:
> 'morning all,
> I see from my new RHEL4 sysadmin guide that uid's up to 500 are
> reserved for system use. When I first began setting up my
> Unix userbase some 15 years ago, I unfortunately chose to start
> at uid 100, so I now have to change the uid's of some 400 users,
> 36 million files, on a hundred or so boxes. OK, this is do-able
> and should be more-or-less 'transparent to the user'.
> (Since I'm going to make a change, should I start at 1000 and change
> the lot? How reliable is the 500?)
> The thing that concerns me more, is the plethora of reserved
> usernames. There seems to be no rule to distinguish a reserved
> username (presumably the list in the RHEL sysadmin guide is
> going to grow) and its only a matter of time before some
> newly allocated name collides with one which has been given to
> a user. In fact, I cant find anywhere what the rules are for
> usernames. Character-set? How many chars?
> Pity that reserved names arent systematic in some way (like
> always starting with sys_ or somesuch).
> 
> I'm not looking forward to the day when a new system-username
> duplicates the username of one of the directors, which he has
> had for the last 15 years, and which is also his email address 
> held on mailing lists and institutions all over the place...
> 
> Any advice out there? 

Yes, do what the C Standard does, reserve some names which are
unlikely to be desired. For example, let's promote a Standard
for User Names (like the File Hierarchy Standard) which reserves
names which are all uppercase or begin with two underscores, or
something like that to the system. So a name like "elaine" is
reserved for ordinary users, while a name like "__elaine" is
reserved for special/system users.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!

More information about the fedora-list mailing list