[Pkg-shadow-devel] Bug#784596: Bug#784596: missing or legacy subuid/subgid entries

Eric W. Biederman ebiederm at xmission.com
Wed May 20 17:01:17 UTC 2015

Christoph Anton Mitterer <calestyo at scientia.net> writes:

> The reason for these discrepancies is probably simply that passwd/login
> were upgraded after systemd as it seems.
> Which leaves however the question open:
> Shouldn't there be some code or whatsoever to add sub[u|g]id entries for
> legacy users?
> And if this isn't needed anyway,... why having it?

There should be code in usermod to add subuid and subgid entries to
existing users.  There certainly was at the time the code was written.

If the upgrade process uses that functionality I leave up to the

The functionality is very useful in combination with newuidmap and and
newgidmap for the creation of unprivileged containers.  If you are not
using those there is not much point.  So it seems reasonable to be a
something that can be set per system.

Not changing existing users sounds like a good default as it does not
break existing assumptions.  Then for the people who care you can just
use usermod and add those ids.


More information about the Pkg-shadow-devel mailing list