> The UID range 0 through 999 is generally reserved in modern Linux systems. > This is defined in /etc/login.defs as UID_MIN. See > login.defs(5) or the systemd documentation at https://systemd.io/UIDS-GIDS/. > > While you can probably force these lower uid's to be allowed to login by > tweaking UID_MIN you'd have to do it on every client system from now until > eternity. > > I realize it will be painful to modify existing files ownership it is > probably the best solution in the long run. > > rob
Oof...you are correct. I was working on the assumption that the login.defs stuff was for choosing new IDs with adduser, etc. - but it does appear to be affecting the ability for IPA to allow password logins as well. It doesn't affect ssh key logins, however. I'd love to figure out what mechanism is affecting it. Modifying login.defs isn't too much of a problem as automation is in use, but then I run the risk of local generated accounts conflicting. ☹ Not changing it means having to scour through millions of files to adjust ownerships... -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
