On Sun, Jan 25, 2015 at 02:27:06PM +0100, Bastian Blank wrote: > On Thu, Jan 22, 2015 at 04:44:22PM +0000, Matthew Vernon wrote: > > Here's a patch to document the 32-bit nature of UIDs, in line with Ben's > > suggestion (which seems sound to me). > > I miss the special case of 32-bit wide -2, aka nobody as used by nfs. > It should be reserved at least.
Please find an updated patch. Do you have a reference for this I could add ? Does it look OK ? Cheers, -- Bill. <[email protected]> Imagine a large red swirl here.
diff --git a/debian/changelog b/debian/changelog index 0ade396..28ce1e9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,12 @@ debian-policy (3.9.7.0) unstable; urgency=low * Policy: refreshed the names of the Policy Editors. + * Policy: [9.2.2] document 32-bit uids + Wording: Matthew Vernon <[email protected]> + Seconded: Russ Allbery <[email protected]> + Seconded: Bill Allombert <[email protected]> - -- Bill Allombert <[email protected]> Sat, 22 Nov 2014 16:00:10 +0100 + -- Bill Allombert <[email protected]> Sat, 31 Jan 2015 17:00:41 +0100 debian-policy (3.9.6.1) unstable; urgency=low diff --git a/policy.sgml b/policy.sgml index 7bb703b..cf4174c 100644 --- a/policy.sgml +++ b/policy.sgml @@ -7351,6 +7351,36 @@ rmdir /usr/local/share/emacs 2>/dev/null || true <tag>65535:</tag> <item> <p> + This value <em>must not</em> be used, because it was + the error return sentinel value when <tt>uid_t</tt> + was 16 bits. + </p> + </item> + + <tag>65536-4294967293:</tag> + <item> + <p> + Dynamically allocated user accounts. By + default <prgn>adduser</prgn> will not allocate UIDs + and GIDs in this range, to ease compatibility with + legacy systems where <tt>uid_t</tt> is still 16 + bits. + </p> + </item> + + <tag>4294967294:</tag> + <item> + <p> + <tt>(uid_t)(-2) == (gid_t)(-2)</tt> <em>must + not</em> be used, because it is mistaken for + <tt>65534</tt> <prgn>nobody</prgn> by some + programs. + </p> + </item> + + <tag>4294967295:</tag> + <item> + <p> <tt>(uid_t)(-1) == (gid_t)(-1)</tt> <em>must not</em> be used, because it is the error return sentinel value.
