0

Assume you have created a daemon (custom written) and want to create new uid/gid for this program.

Are there any standard practices?

e.g.

  1. Should the uid and gid be the same?
  2. Should the id start from 1000?

or any?

The reason I ask is currently I am using dynamically allocated, but when I have more than one machine, seems it is a good choice to use a fixed numbers?

Update: I am using Ubuntu

Ryan
  • 5,831
  • 24
  • 72
  • 91

2 Answers2

1
  • UIDs below 100 are typically reserved for system accounts and services.
  • UID between 100 and 1000 are typically reserved for applications such as Oracle, Apache, etc.
  • Typically user accounts start at 1000 or even higher. Given the number of UIDs available on most Unix systems (65,535 if not more than that), the likelihood of running out of UIDs is almost non-existent. On 64 bit system UID are stored in at least 32 bit fields and that means that maximum value is much higher.

Some distributions like RHEL recommend to set user private group (upg), which should have the same gid as the uid of the user.

There are some good guides here:
http://www.softpanorama.org/Access_control/Groups/index.shtml
http://www.softpanorama.org/Access_control/Groups/primary_group.shtml

fireto
  • 164
  • 3
0

Standard practices exist for each Linux distribution. For example, in Debian, the package for your daemon would take care of creating a "dynamically allocated" system user and group. Each will usually get an ID between 100 and 999 (see the policy manual, section 9.2.2, as a reference).

Of course, it could be considered a good practice to do so even if you're not packaging your daemon, but you are installing it on a single machine; as they are dynamically allocated, this won't interfere with other software.

pino42
  • 915
  • 5
  • 11