This site is now 100% read-only, and retired.

Raising the uid and gid limits?

Posted by jeanrob98 on Wed 16 Sep 2009 at 19:08

Tags: ,

According to Debian policy, limits for both UID and GID numbers (User IDs and Group IDs) are a maximum of 65535. Is there a way of increasing this limit?

I presume that this would break policy, but I am curious as to how this is assigned, where it can be changed.

I'd also be interested to know what software would break?

 

 


Re: Raising the uid and gid limits?
Posted by Anonymous (85.130.xx.xx) on Wed 16 Sep 2009 at 20:55
recommended: 65535
maximum allowable: 4294967295

[ Parent ]

Re: Raising the uid and gid limits?
Posted by Anonymous (83.160.xx.xx) on Wed 16 Sep 2009 at 21:07
uid_t is 32 bits at least on i386 so it should work. I think the best way to find out is do some tests. I expect that some tools that list userids (ps, perhaps ls, etc) will have less readable output, adduser and related tools will probably give warnings or fail, etc.

Furthermore if you need more than 65000 users on your system you may need something that scales well when username lookups are done.

[ Parent ]

Re: Raising the uid and gid limits?
Posted by jeanrob98 (2620:0xx:0xx:0xxx:0xxx:0xxx:xx) on Wed 16 Sep 2009 at 21:27
I don't have more than 65000 users. But I do have a need for large UID numbers. Specifically, I am using winbind with a MS Active Directory, that provides UID's over 1,000,000

[ Parent ]

Re: Raising the uid and gid limits?
Posted by Anonymous (200.123.xx.xx) on Thu 17 Sep 2009 at 05:15
You can choose that UIDs numbers. Perhaps that number is the default, but you can choose the range with "winbind uid" and "winbind gid".

It just uses some "uncommon" numbers so you dont have any collision. But if you know what you are doing... ;)

[ Parent ]

Re: Raising the uid and gid limits?
Posted by Anonymous (69.133.xx.xx) on Thu 17 Sep 2009 at 05:30
Might not be what you wanted to hear, but have you considered Likewise Open? It creates UID/GIDs as a hash, as opposed to the way winbind does it (at least, as I understand it)

[ Parent ]

Re: Raising the uid and gid limits?
Posted by Anonymous (83.98.xx.xx) on Fri 18 Sep 2009 at 19:49
there is no such limit. we have UID's well over 1.000.000

just make sure you don't clash with the nobody account which is usually at 655xx something.

[ Parent ]

Re: Raising the uid and gid limits?
Posted by omarhem (212.30.xx.xx) on Thu 5 Nov 2009 at 09:35
You can change the limit in /etc/login.defs. And it's only a limit in the sense that this is used for automatic UID selection when creating a new local user.

Just make sure the range between UID_MIN and UID_MAX does not clash with winbind/ldap/nis/... UIDs. Normally when creating a new user with useradd, it will find the current highest UID within it's range and increment by one. If your local UID range clashes with LDAP/Winbind/NIS then you will get users sharing UIDs with unforeseen consequences.

If you are only using local users then you can go nuts with the limits, I've at least never seen any troubles when using high UIDs.

[ Parent ]

Re: Raising the uid and gid limits?
Posted by Anonymous (209.87.xx.xx) on Wed 3 Feb 2010 at 09:45
"There is no such limit [in the debian policy]" is not the same as "there is no such limit for maxint32"

[ Parent ]