(debian-policy.info)UID and GID classes

Next: Non-existent home directories Prev: Introduction Up: Users and groups
Enter node , (file) or (file)node 

9.2.2 UID and GID classes
-------------------------

The UID and GID numbers are divided into classes as follows:

0-99:

     Globally allocated by the Debian project, the same on every Debian
     system.  These ids will appear in the ‘passwd’ and ‘group’ files of
     all Debian systems, new ids in this range being added automatically
     as the ‘base-passwd’ package is updated.

     Packages which need a single statically allocated uid or gid should
     use one of these; their maintainers should ask the ‘base-passwd’
     maintainer for ids.

100-999:

     Dynamically allocated system users and groups.  Packages which need
     a user or group, but can have this user or group allocated
     dynamically and differently on each system, should use ‘adduser
     --system’ to create the group and/or user.  ‘adduser’ will check
     for the existence of the user or group, and if necessary choose an
     unused id based on the ranges specified in ‘adduser.conf’.

1000-59999:

     Dynamically allocated user accounts.  By default ‘adduser’ will
     choose UIDs and GIDs for user accounts in this range, though
     ‘adduser.conf’ may be used to modify this behavior.

60000-64999:

     Globally allocated by the Debian project, but only created on
     demand.  The ids are allocated centrally and statically, but the
     actual accounts are only created on users’ systems on demand.

     These ids are for packages which are obscure or which require many
     statically-allocated ids.  These packages should check for and
     create the accounts in ‘/etc/passwd’ or ‘/etc/group’ (using
     ‘adduser’ if it has this facility) if necessary.  Packages which
     are likely to require further allocations should have a “hole” left
     after them in the allocation, to give them room to grow.

65000-65533:

     Reserved.

65534:

     User ‘nobody’.  The corresponding gid refers to the group
     ‘nogroup’.

65535:

     This value `must not' be used, because it was the error return
     sentinel value when ‘uid_t’ was 16 bits.

65536-4294967293:

     Dynamically allocated user accounts.  By default ‘adduser’ will not
     allocate UIDs and GIDs in this range, to ease compatibility with
     legacy systems where ‘uid_t’ is still 16 bits.

4294967294:

     ‘(uid_t)(-2) == (gid_t)(-2)’ `must not' be used, because it is used
     as the anonymous, unauthenticated user by some NFS implementations.

4294967295:

     ‘(uid_t)(-1) == (gid_t)(-1)’ `must not' be used, because it is the
     error return sentinel value.
automatically generated by info2www version 1.2.2.9