2

I thought gid is automatically assigned when I create a group. But I found a chef receipt file that assigns a number 403 to gid directly. https://github.com/treasure-data/chef-td-agent/blob/master/recipes/default.rb

Does it not cause a overlapping gids? And what is the reason when you assign a gid explicitly?

ironsand
  • 5,205

1 Answers1

1

New users typically get assigned at gid 500. You can change this by modifying UID_MIN in /etc/login.def

( Note: Some older distros started at 100, and some new distros made 1000 the default).

Users below the UID_MIN are non system users (eg. apache, tomcat, ect..).

The author of the recipe likely piked a random number less than 500 and claimed it for their own purposes. While it is not best practice, it is unlikely another program is hard coded to use 403.

A better approach would have been for the recipe author to set system = true at the user creation. 

user 'td-agent' do
  comment  'td-agent'
  system   true
   ....
end

http://docs.opscode.com/resource_user.html

Additional Resources

What are the dangers of creating a normal user with UID < 500?

Community
  • 1
spuder
  • 18,053