[Samba] Back with my UID problems

Brett Wynkoop wynkoop+samba at wynn.com
Thu Feb 26 18:10:40 MST 2015

On Fri, 27 Feb 2015 00:18:24 +0000
Rowland Penny <rowlandpenny at googlemail.com> wrote:

> 34, you are seriously using 34 for a standard user id number ? You 
> shouldn't use anything below 1000 for a normal user, these low
> numbers are reserved for system use and you have run into a problem
> that can only be fixed by not using such low numbers. The 3000014
> number is coming from idmap.ldb but the group number is coming
> from /etc/group (or whatever it is called on freebsd)
> Rowland


Again wind issues forth with no meaning.

Where does your "Wisdom" about no UID below 1000 come from?

Back 30 years ago when I started with Unix, and this network was first
set up the normal practice was to start regular users at 100, with
below 100 being reserved for SYSTEMS STAFF and System Processes.
Typically on a stock Sun box running NIS the NIS maps were built
starting at 100 and systems staff were below that so that if NIS failed
systems staff could still log into a box to fix things.

As I recall the UID starting convention for POSIX systems started to
creep higher than 100 with the copy-cat called Gnu/Linux.  If I recall
correctly the first time I saw 501 as a default starting UID was with
Debian years ago.  Every Mac that rolls off the factory floor is set to
start ordinary users at 501 today.  Yes many of the various GNU/Linux
distributions have adopted 1000 and above for REGULAR USERS, but there
is no technical reason for it, and in fact unless, as is the case with
NIS, there is a table saying do not put this UID in the map there is no
reason that 34 should not happily go into the Samba directory service.  

I will take a moment to point out in the case of NIS it was, and is
possible by changing a single thing in the Makefile used for making the
maps to set whatever cutoff UID you wish, and to include random UIDs in
the maps as well.

I would submit that if Samba can not do this then Samba 4 is broken.
What is even more broken is that samba-tool silently accepted 34 as a
UID and created the samba user.  If UIDs below 1000 are forbidden then a
properly written program would have thrown an exception.

There are many TB of data on the network.  Most of the UIDs are below
1000, in fact most are below 500. 

Can you provide considered technical reasons that Samba can NO LONGER
HANDLE whatever UID the admin wishes to assign? 

It would seem to me what you said is "You found a bug and the samba
core team does not want to fix it", but what do I know I have only been
hacking on Unix boxes since about 1982 or 1983.

If anyone else on the list has insight into the situation I would
appreciate hearing from you.  I am too involved in the FreeBSD arm port
to devote time to reading the samba sources to find the bug.



wynkoop at wynn.com               http://prd4.wynn.com/wynkoop/pgp-keys.txt

"The strongest reason for the people to retain the right to keep 
and bear arms is, as a last resort, to protect themselves against 
tyranny in government" - Thomas Jefferson. 

More information about the samba mailing list