login.defs/redhat: set SYS_UID_MIN and SYS_GID_MIN

According to [1], UIDs and GIDs between 0 and 200 are reserved for some services, including OpenStack services. Puppet OpenStack is deploying OpenStack using RDO packaging and there is currently a race condition where sometimes RabbitMQ is installed *before* Keystone and steals its UID, Keystone fails to be installed, and CI job is failing. This patch prevents this situation by setting both SYS_UID_MIN and SYS_GID_MIN ti 201, so packages using dynamic UID/GID won't steal reserved ones. [1] https://git.fedorahosted.org/cgit/setup.git/tree/uidgid Change-Id: I7cc41adc7e6070c32d9a56940a67640ab4419e7e
2016-03-03 23:09:40 -05:00 · 2016-03-03 23:09:40 -05:00 · 6abde2074e
commit 6abde2074e
parent 8410c92086
1 changed files with 2 additions and 0 deletions
--- a/modules/openstack_project/files/login.defs.redhat
+++ b/modules/openstack_project/files/login.defs.redhat
@ -30,6 +30,7 @@ PASS_WARN_AGE	7
 #
 # Min/max values for automatic uid selection in useradd
 #
+SYS_UID_MIN		  201
 SYS_UID_MAX		  499
 UID_MIN			 3000
 UID_MAX			60000
@ -37,6 +38,7 @@ UID_MAX			60000
 #
 # Min/max values for automatic gid selection in groupadd
 #
+SYS_GID_MIN		  201
 SYS_GID_MAX		  499
 GID_MIN			 3000
 GID_MAX			60000