[Adduser-devel] Bug#402288: adduser allows UIDs < 100

Tuukka Hastrup Tuukka.Hastrup at iki.fi
Sat Dec 9 12:35:45 CET 2006

Package: adduser
Version: 3.100

According to the policy, UIDs and GIDs less than 100 are the same on all 
Debian systems and come from the base-passwd package. The adduser man page 
says adduser and addgroup "are friendlier front ends to tools like 
useradd, groupadd and usermod programs, choosing Debian policy conformant 
UID and GID values --." However, the programs don't enforce this policy 
item or remind about it in the documentation.

The consequences of this bug in the worst case are the consequences of 
having non-conformant IDs on the system. Those in turn depend on the 
assumptions made based on the policy item.

I propose the following changes:

1. When adduser or addgroup is going to add an id < 100, it prints a 
   warning message about policy to stderr: "Warning! According to Debian 
   Policy, system administators shouldn't create UIDs < 100."

2. The adduser man page excerpt says "by default choosing" instead of 

3. /etc/adduser.conf and the adduser.conf man page include in their 
   documentation of FIRST_SYSTEM_UID the note: "Please note that system 
   software may assume that UIDs less than 100 are unallocated."

-- Trying to catch me? Just follow up my Electric Fingerprints
-- To help you: Tuukka.Hastrup at iki.fi

More information about the Adduser-devel mailing list