(debian-policy.info)UID and GID classes
9.2.2 UID and GID classes
-------------------------
The UID and GID numbers are divided into classes as follows:
0-99:
Globally allocated by the Debian project, the same on every Debian
system. These ids will appear in the ‘passwd’ and ‘group’ files of
all Debian systems, new ids in this range being added automatically
as the ‘base-passwd’ package is updated.
Packages which need a single statically allocated uid or gid should
use one of these; their maintainers should ask the ‘base-passwd’
maintainer for ids.
100-999:
Dynamically allocated system users and groups. Packages which need
a user or group, but can have this user or group allocated
dynamically and differently on each system, should use ‘adduser
--system’ to create the group and/or user. ‘adduser’ will check
for the existence of the user or group, and if necessary choose an
unused id based on the ranges specified in ‘adduser.conf’.
1000-59999:
Dynamically allocated user accounts. By default ‘adduser’ will
choose UIDs and GIDs for user accounts in this range, though
‘adduser.conf’ may be used to modify this behavior.
60000-64999:
Globally allocated by the Debian project, but only created on
demand. The ids are allocated centrally and statically, but the
actual accounts are only created on users’ systems on demand.
These ids are for packages which are obscure or which require many
statically-allocated ids. These packages should check for and
create the accounts in ‘/etc/passwd’ or ‘/etc/group’ (using
‘adduser’ if it has this facility) if necessary. Packages which
are likely to require further allocations should have a “hole” left
after them in the allocation, to give them room to grow.
65000-65533:
Reserved.
65534:
User ‘nobody’. The corresponding gid refers to the group
‘nogroup’.
65535:
This value `must not' be used, because it was the error return
sentinel value when ‘uid_t’ was 16 bits.
65536-4294967293:
Dynamically allocated user accounts. By default ‘adduser’ will not
allocate UIDs and GIDs in this range, to ease compatibility with
legacy systems where ‘uid_t’ is still 16 bits.
4294967294:
‘(uid_t)(-2) == (gid_t)(-2)’ `must not' be used, because it is used
as the anonymous, unauthenticated user by some NFS implementations.
4294967295:
‘(uid_t)(-1) == (gid_t)(-1)’ `must not' be used, because it is the
error return sentinel value.
automatically generated by info2www version 1.2.2.9