On Tue, 2011-12-20 at 12:59 +0100, Michael Schwendt wrote:
On Tue, 20 Dec 2011 12:24:21 +0100, SC (Simone) wrote:
> can you please explain that a bit further? I don't think I understand,
> I see this reference at
You've quoted the relevant part. Here:
> Another solution might be semi-static UIDs, which are relative to a
> system-wide value and unique for the entire Fedora Project. The
> current (experimental) implementation uses the file
> /etc/fedora/usermgmt/baseuid to configure the value to which the
> relative UID would be added. As an example, when
> /etc/fedora/usermgmt/baseuid contains "30000", the user 'joe',
> the semi-static UID 23, will get the final UID 30023 (30000+23)."
Yep, and that's what the bacula is working with - Simone mentioned
- which was created
for this experimental implementation based on baseuid - and 33 is
reserved there for bacula user/group . But this reservation is not for
33:33 uidgid pair, but for baseuid+33:baseuid+33 uidgid pair (and
fedora-useradd or %fedora_useradd macro should be used for it instead of
shadow-utils /usr/sbin/useradd )
So, if you drop using fedora-usermgmt, you cannot keep the relative
uid 33 that has been registered for it. 33 is "amandabackup":
$ rpm -qd setup
/usr/share/doc/setup-2.8.36/uidgid <-- (!)
Package "setup"'s %changelog mentions a lot of activity related to
Yep, that's right, 33 is reserved for amandabackup user ...
Please note that threshold of 200 is now used for statically allocated
ID's (that's respected in useradd (shadow-utils) - shadow-utils changed
its dynamic user creation, so now it goes downwards. This change was
done in ~F11 and no issues with it were reported so far.
> The file /etc/fedora/usermgmt/baseuid contains 300, so I'm
> the correct setup for Bacula would be to set 333 as the uid/gid. Is
> that correct?
You would first need to have uid 333 registered/reserveed as a fixed uid.
I don't think that this is a good idea - you either should have static
ID (network/virtual machines facing, storing sensitive data) or dynamic
system user creation should be ok for you.
> The previous version used fedora-usermgmt (so uid 333) but did
> remove the user and directory;
Well, then it isn't following the guidelines, which mention the userdel
> that is pointless anyway because you
> don't remove the directory only if you have it dynamic.
However, if the directory contains files created at run-time, the package
should not "rm -rf" those files when uninstalling, so it could remove the