I know I'm jumping in here late but is there a suggested correct procedure for migrating users to the 1000+ range without causing mass chaos across your systems?
Just trying to see if I'm missing something obvious or it's just a case of doing it the old fashioned way.
Thanks,
Trevor
On Wed, Jan 22, 2014 at 10:16 PM, Shawn Wells shawn@redhat.com wrote:
On 1/8/14, 10:51 AM, Shaw, Ray V CTR USARMY ARL (US) wrote:
Classification: UNCLASSIFIED Caveats: NONE
https://lists.fedoraproject.org/pipermail/devel/2011-May/151663.html
Will UID_MIN and GID_MIN default to 1000 in RHEL7 as well? I have not had (and do not have, sadly) time to check out the RHEL7 beta, but a quick search of several of the documentation pages didn't mention this. I would imagine so, given things like:
https://bugzilla.redhat.com/show_bug.cgi?id=907312
If so, should we expect the STIG for RHEL7 to reflect this, counting everything 1000 and below as a "system" account/group for relevant rules? Just trying to get a head start on potentially necessary UID/GID changes.
Great question. Yes, they'll default to 1000 and the RHEL7 STIG will reflect. Feel free to send in a patch if you're so inclined :)
Admittedly things will get interesting in legacy environments which support both RHEL6 and RHEL7. As RHEL7 progresses we'll make note of this... perhaps issue some kind of "RHEL6 to RHEL7 migration issues" FAQ.
scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide