On Thu, 2012-07-19 at 07:36 -0400, Stephen Gallagher wrote: > On Thu, 2012-07-19 at 00:53 +0000, Steven Jones wrote: > > Actually its pam....unless IPA is as well. > > > > Which makes sense then to have an application run < 500 so inherently it > > cannot be logged into via ssh.... > > Well, it's possible to configure your system to allow logging in to > users below 500, but it's not recommended. The real risk is of having > system services with an ID that conflicts with a user.
In general we do not recommend to set ids on your own, let ipa choose IDs unless you have a constraint that prevents you from letting that happen. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
