[CentOS] UID/GID CentOS 6 to CentOS 7

Thu Oct 22 20:58:04 UTC 2020
Valeri Galtsev <galtsev at kicp.uchicago.edu>


On 10/22/20 3:21 PM, Louis Lagendijk wrote:
> On Thu, 2020-10-22 at 15:13 +0200, Thomas Plant wrote:
>> Am 22.10.2020 um 14:11 schrieb Thomas Plant:
>>> Hi,
>>>
>>> we are upgrading some servers from C6 to C7 with a lot of user
>>> accounts on them (UID>=500).
>>> CentOS 7 has MIN_UID/MIN_GID 1000, Centos 6 has 500 in login.defs.
>>>
>>> Can I change in /etc/login.defs MIN_UID/MIN_GID to 500 for C7? So
>>> I
>>> could just grep the users out from passwd/shadow/group files and
>>> append them to the Centos7 passwd/shadow/group files.
>>> Can this do any damage to CentOS7 later on? Thinking about
>>> updates....
>>>
>>> Thanks,
>>> Thomas
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>>
>> Thanks, for the hints.
>>
>> Think I will go the lazy way and adapt login.defs. ;-)
>>
>> Greetings,
>> Thomas
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> You better don't do that:
> when I looked at one of my C8 boxes there were many services that
> require a system account (but not a global fixed one) were allocated
> from the top of the 500-999 range. Bite the bullet and  change user
> accounts. to start from 1000.  Especially when using NFS this may
> otherwise come back and bite you
> 

I've been though the need of similar changes at least twice. Fist time 
when I was migrating servers from SunOS, where reserves UIG/GID number 
were 0-100, to RedHat (and CentOS) Linuxes (0-500), and the second time 
when Linux went up to 0-1000. In both cases the analyses what would be 
right thing was short, and the transition was just to find how far up to 
move UIDs/GIDs of existing users in the range 101-500 or 501-1000. The 
rest of the users stayed the same. Otherwise you may get an "unusual" 
for its breed system with lot of surprises in a future, especially if 
some new sysadmin comes to take care if the machine.

Just my $0.02.

Valeri

> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 

-- 
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++