mirror of
https://github.com/systemd/systemd
synced 2024-10-15 04:24:19 +00:00
docs: document homed UID range
This commit is contained in:
parent
28e208a7d8
commit
f62dd2375e
|
@ -96,7 +96,15 @@ but downstreams are strongly advised against doing that.)
|
||||||
|
|
||||||
`systemd` defines a number of special UID ranges:
|
`systemd` defines a number of special UID ranges:
|
||||||
|
|
||||||
1. 61184…65519 → UIDs for dynamic users are allocated from this range (see the
|
1. 60001…60513 → UIDs for home directories managed by
|
||||||
|
[`systemd-homed.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html). UIDs
|
||||||
|
from this range are automatically assigned to any home directory discovered,
|
||||||
|
and persisted locally on first login. On different systems the same user
|
||||||
|
might get different UIDs assigned in case of conflict, though it is
|
||||||
|
attempted to make UID assignments stable, by deriving them from a hash of
|
||||||
|
the user name.
|
||||||
|
|
||||||
|
2. 61184…65519 → UIDs for dynamic users are allocated from this range (see the
|
||||||
`DynamicUser=` documentation in
|
`DynamicUser=` documentation in
|
||||||
[`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/systemd.exec.html)). This
|
[`systemd.exec(5)`](https://www.freedesktop.org/software/systemd/man/systemd.exec.html)). This
|
||||||
range has been chosen so that it is below the 16bit boundary (i.e. below
|
range has been chosen so that it is below the 16bit boundary (i.e. below
|
||||||
|
@ -111,7 +119,7 @@ but downstreams are strongly advised against doing that.)
|
||||||
user record resolving works correctly without those users being in
|
user record resolving works correctly without those users being in
|
||||||
`/etc/passwd`.
|
`/etc/passwd`.
|
||||||
|
|
||||||
2. 524288…1879048191 → UID range for `systemd-nspawn`'s automatic allocation of
|
3. 524288…1879048191 → UID range for `systemd-nspawn`'s automatic allocation of
|
||||||
per-container UID ranges. When the `--private-users=pick` switch is used (or
|
per-container UID ranges. When the `--private-users=pick` switch is used (or
|
||||||
`-U`) then it will automatically find a so far unused 16bit subrange of this
|
`-U`) then it will automatically find a so far unused 16bit subrange of this
|
||||||
range and assign it to the container. The range is picked so that the upper
|
range and assign it to the container. The range is picked so that the upper
|
||||||
|
@ -232,7 +240,8 @@ the artifacts the container manager persistently leaves in the system.
|
||||||
| 5 | `tty` group | `systemd` | `/etc/passwd` |
|
| 5 | `tty` group | `systemd` | `/etc/passwd` |
|
||||||
| 6…999 | System users | Distributions | `/etc/passwd` |
|
| 6…999 | System users | Distributions | `/etc/passwd` |
|
||||||
| 1000…60000 | Regular users | Distributions | `/etc/passwd` + LDAP/NIS/… |
|
| 1000…60000 | Regular users | Distributions | `/etc/passwd` + LDAP/NIS/… |
|
||||||
| 60001…61183 | Unused | | |
|
| 60001…60513 | Human Users (homed) | `systemd` | `nss-systemd`
|
||||||
|
| 60514…61183 | Unused | | |
|
||||||
| 61184…65519 | Dynamic service users | `systemd` | `nss-systemd` |
|
| 61184…65519 | Dynamic service users | `systemd` | `nss-systemd` |
|
||||||
| 65520…65533 | Unused | | |
|
| 65520…65533 | Unused | | |
|
||||||
| 65534 | `nobody` user | Linux | `/etc/passwd` + `nss-systemd` |
|
| 65534 | `nobody` user | Linux | `/etc/passwd` + `nss-systemd` |
|
||||||
|
|
Loading…
Reference in a new issue