Guidance on solving the username namespacing problem
Russ Allbery
rra at debian.org
Sun Jan 5 19:10:52 GMT 2020
Colin Watson <cjwatson at debian.org> writes:
> As Simon said, EF00-FFEF = 61184-65519 covers more than just netplan
> (https://salsa.debian.org/debian/base-passwd/blob/master/README), and
> several of the IDs allocated there in the vaguely recent past are hard
> to change (their rationales included "needs to be the same across
> multiple machines"), so I don't think we can use the existing systemd
> range - it needs to be adjusted for Debian at least to some extent. I'm
> not prepared to cede all of 64000-64999 to systemd; perhaps it would
> have been better if base-passwd had started at 60000 instead, but we're
> here now.
Oh, whoops, I misread and didn't double-check. Yes, we definitely don't
want to stomp on the 64000 range that we've been using for forever.
Apologies for the confusion.
> The rate of static allocations in 60000-64999 is low enough that I'm not
> concerned in principle about carving off a slice of it for dynamic
> allocations by systemd-sysusers, and in any case I wasn't expecting to
> ever need to allocate more static IDs under 64000 (netplan was before my
> time). Perhaps we could start by reserving 61184-63433, given the
> netplan allocation? Yes, it's a bit arbitrary, but also not really all
> that stingy, and base-passwd's allocations are meant to be permanent
> even if the package has been removed (since we can never guarantee that
> it's been removed from users' systems).
This sounds good to me.
--
Russ Allbery (rra at debian.org) <https://www.eyrie.org/~eagle/>
More information about the Pkg-systemd-maintainers
mailing list