UIDs in /etc/passwd file

vvpotugunta · April 7, 2009, 6:08am

Hi all,

I am bit confused about UIDs on my server where LDAP athentication happens. UIDs are generally in the range of 0-65534 for any Solaris OS version(correct if i am wrong). My server is running on Solaris 9. Below are user accounts available on my server.

kumars94:x:802575120:502::/export/home/kumars94:/bin/sh
shetyeaa:x:802575121:502::/export/home/shetyeaa:/bin/sh
saddiv:x:802575122:502::/export/home/saddiv:/bin/sh

In Solaris Student guide, it is given like UIDs above 65535 will not be having enough privileges as normal user who have their UIDs below 65534. Could you please explain:confused: .......

incredible · April 7, 2009, 8:02am

why dont you try logging in as any of the users mentioned and see what priviledge its missing or is there "permission denied" kind of error prompted by the system for any commands

jlliagre · April 7, 2009, 8:20am

The maximum UID has been raised to 2147483648 since Solaris 2.5.1( around 1996).

I'm not aware of any privilege restrictions linked to uids, outside specific ones like 60000, 60002 and 65534 in the context of NFS.

incredible · April 7, 2009, 8:38am

great information.. you googled it somewhere?

jlliagre · April 7, 2009, 10:27am

Google is not (yet?) informed of what I'm aware of or not ...

TonyFullerMalv · April 7, 2009, 7:53pm

I am aware of HP-UX NFS servers (serving NFS V3) that do not support UID's of over 64,000 (probably is actually a maximum of 65,536).

vvpotugunta · April 9, 2009, 3:53am

Thanks for your updates....

I do not have root access on my server and that too all user accounts work fine as per my knowledge.....because one of those accounts is my collegue's account which is working fine.

[LEFT]Note - The maximum value for a UID is
2147483647. However, the UIDs over 60000 do not
have full utility and are incompatible with some
Solaris OS features. Avoid using UIDs over 60000
so as to be compatible with earlier versions of the
operating system.

Above is the note taken from Solaris Student guide.

From above note, any idea on "Do not have full utility and are incompatible with some OS features" means?????

Thanks in advance........
[/LEFT]

jlliagre · April 9, 2009, 4:19am

I think that note is precisely referring to the NFS specific accounts I already mentioned.

Otherwise, unless you use a really old (>13 years) Solaris release, there should be no problem using large UIDs.

TonyFullerMalv · April 9, 2009, 2:55pm

I remember having problems with group names that were too long causing the output of "ls -l" to have the owner and group names to crash into each other (no space in between), a UID with extra digits could cause problems when doing an "ls -ln" could suffer the same problem.

jlliagre · April 9, 2009, 5:49pm

Although useradd and groupadd complain about long names, neither them nor long ids seems to hurt ls with Solaris:

$ pfexec groupadd -g 2147483647 biggroupbiggroupbiggroupbiggroup
UX: groupadd: biggroupbiggroupbiggroupbiggroup name too long.
$ pfexec useradd -u 2147483647 -g biggroupbiggroupbiggroupbiggroup biguserbiguserbiguserbiguser
UX: useradd: biguserbiguserbiguserbiguser name too long.
UX: useradd: biggroupbiggroupbiggroupbiggroup name too long.
$ pfexec su biguserbiguserbiguserbiguser               
$ id
uid=2147483647(biguserbiguserbiguserbiguser) gid=2147483647(biggroupbiggroupbiggroupbiggroup)
$ cd /tmp
$ touch foo
$ ls -ln foo
-rw-r--r--   1 2147483647 2147483647       0 avr   9 22:22 foo
$ ls -l foo
-rw-r--r--   1 biguserbiguserbiguserbiguser biggroupbiggroupbiggroupbiggroup       0 avr   9 22:22 foo

TonyFullerMalv · April 10, 2009, 4:20pm

Interesting! I can't remember which version of Solaris I had the problem with, probably Solaris 2.6 (on Sparc of course)..