RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 991508 - Add more detailed information about reserved uids/gids on RHEL
Summary: Add more detailed information about reserved uids/gids on RHEL
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Deployment_Guide
Version: 6.4
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: rc
: ---
Assignee: Maxim Svistunov
QA Contact: ecs-bugs
URL:
Whiteboard:
Depends On: 991502
Blocks: 991505
TreeView+ depends on / blocked
 
Reported: 2013-08-02 15:23 UTC by Dave Sullivan
Modified: 2023-09-14 01:48 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-05-25 17:34:31 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Dave Sullivan 2013-08-02 15:23:15 UTC 
Document URL: 

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Deployment_Guide/index.html#ch-Managing_Users_and_Groups

Section Number and Name: 

Chapter 3. Managing Users and Groups

Describe the issue: 

Reserved uids/gids are documented within the setup rpm.  It would be nice to make a reference to that.

cat /usr/share/doc/setup-2.8.14/uidgid

Also it would be nice to incorporate the information supplied here.

https://fedoraproject.org/wiki/Packaging:UsersAndGroups

Suggestions for improvement: 

Additional information: 

Specifically the allocation strategies.  If you look at those scripts you can sort of see how you prevent yourself from running into problems with uid/gid relative to using the dynamic allocation strategy.  

So it does look like setup rpm is the right spot, it's just a matter of folks following the FCP process for obtaining a soft static uid/gid.

we need to expose this to the RHEL Product PMs to ensure they are following this process.  As well as exposing this to third party/hardware partner vendors as well.

Because as we have seen from the setup rpm we are missing documented uid/gid for openstack, and I suspect there are others.

The other thing is that we will have to work on is migrating the above documentation into RHEL documentation.

On another note, it looks like there will be some movement of the reserved space going up to 1000.

So probably best to start non reserved gids at something higher then 1000, maybe 5000 is a good best practice strategy.
Comment 13 Kay Likes 2016-03-18 02:52:06 UTC 
It seems that I am running into more UID/GID conflicts as more applications are added. I was wondering if any progress was made toward the following:

"we need to expose this to the RHEL Product PMs to ensure they are following this process.  As well as exposing this to third party/hardware partner vendors as well."

Also, is there a time frame and discussion regarding the following?

"On another note, it looks like there will be some movement of the reserved space going up to 1000."
Comment 14 Aneta Šteflová Petrová 2016-04-08 16:17:43 UTC 
Hello, I'm taking over this BZ to investigate the problem. I will keep you updated on my progress.
Comment 17 Aneta Šteflová Petrová 2016-04-20 11:19:32 UTC 
(In reply to Kay Likes from comment #13)
> It seems that I am running into more UID/GID conflicts as more applications
> are added. I was wondering if any progress was made toward the following:
> 
> "we need to expose this to the RHEL Product PMs to ensure they are following
> this process.  As well as exposing this to third party/hardware partner
> vendors as well."

I'm setting a needinfo on the reporter of this BZ: Dave, do you have any update on this?

> 
> Also, is there a time frame and discussion regarding the following?
> 
> "On another note, it looks like there will be some movement of the reserved
> space going up to 1000."

The Deployment Guide has been updated with a recommendation to assign IDs starting at 5,000. This should prevent conflicts if the reserved space goes up in the future.

Again, I'm wondering if the reporter of the BZ can provide an update: Dave, do you know about any progress in this direction?
Comment 21 Maxim Svistunov 2016-05-16 14:24:00 UTC 
This Bugzilla has been resolved (with Dave's ACK in Comment 19), and the new version of the guide will be published soon, probably this week.

Kay, we have requested answers to your questions in Comment 13. Once the relevant people respond, I will inform you.
Comment 23 Red Hat Bugzilla 2023-09-14 01:48:41 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days
Note You need to log in before you can comment on or make changes to this bug.