[Pkg-shadow-devel] Support for creation of system accounts

Nicolas François nicolas.francois at centraliens.net
Mon Feb 11 10:21:15 UTC 2008


Fedora has a patch to add a -r option to useradd and groupadd, for the
creation of a system account.

System accounts differs from regular accounts:
 * Their ID is not in the same range
   - UID: 1 to UID_MIN - 1
   - GID: 1 to GID_MIN - 1
 * No home directory is created by default
 * Their passwords do not expire

There are also some user/group id policies on Debian, and that option could
be interesting for Debian too. However, it could make more sense to have a
more configurable solution with new variables in login.defs:
  SYS_UID_MIN (defaulting to 1)
  SYS_UID_MAX (defaulting to UID_MAX - 1)
  SYS_GID_MIN (defaulting to 1)
  SYS_GID_MAX (defaulting to GID_MAX - 1)

It would also be interesting to add a -r, --system option to at least
newusers for enforcement of this user/group policy.

I plan to add these variables and the -r, --system options in the next
Does this proposal makes sense?

Best Regards,

More information about the Pkg-shadow-devel mailing list