Red Hat Bugzilla – Bug 732442
Reserve static uid/gids for OpenStack packages - swift, glance and nova
Last modified: 2011-08-23 05:32:07 EDT
As per: http://fedoraproject.org/wiki/Packaging:UsersAndGroups The openstack-{swift,glance,nova} packages dynamically allocate uids and gids for the users they create We'd prefer to have these uids and gids statically allocated in the uidgid file so that: 1) The uids and gids are predictable 2) We can shut up rpmlint's non-standard-uid warning See bug #707199 and bug #731966 In summary, please allocate static uids and gids for the swift, glance and nova users
Thanks for filing the request. There are not only pros of static allocation... we have only 200 uidgid pairs which could be reserved statically - and more than 100 is already reserved - so static uidgid allocation should be used only if the system user account handles/stores sensitive data or if it is network facing/communicating between virtual machines - so predictable uid/gid makes sense there. Is that your case? If so, could you please provide homedir and package which will create them for all these 3 users? I'll let you know which pairs will be reserved.
Thanks Ondrej All three accounts are used for network facing daemons which store sensitive data Homedir for each is /var/lib/{swift,glance,nova} and packages are openstack-{swift,glance,nova}
* Tue Aug 23 2011 Ondrej Vasik <ovasik@redhat.com> 2.8.38-1 - reserve 160:160 for swift (openstack-swift) - #732442 - reserve 161:161 for glance (openstack-glance) - #737442 - reserve 162:162 for nova (openstack-nova) - #737442 Closing RAWHIDE.
oops, now I see typos in the changelog :) ... anyway, reserved uidgids are correct :)
Thanks again Ondrej :)