Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SUB_UID_MIN/MAX/COUNT, SUB_GID_MIN/MAX/COUNT #463

Merged
merged 2 commits into from
Jul 16, 2021
Merged

Add SUB_UID_MIN/MAX/COUNT, SUB_GID_MIN/MAX/COUNT #463

merged 2 commits into from
Jul 16, 2021

Conversation

elgalu
Copy link
Contributor

@elgalu elgalu commented Jul 12, 2021

Similar reason as #461

If /etc/subuid exists, the commands useradd and newusers (unless the user already have subordinate user IDs)
allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for each new user.
The default values for SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT are respectively 100000, 600100000 and 65536.

@elgalu
add SUB_UID_MIN/MAX/COUNT, SUB_GID_MIN/MAX/COUNT
c09a14c 
Similar reason as dev-sec#461

> If /etc/subuid exists, the commands useradd and newusers (unless the user already have subordinate user IDs)
> allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for each new user.
> The default values for SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT are respectively 100000, 600100000 and 65536.

Signed-off-by: Leo Gallucci <elgalu3@gmail.com>
@rndmh3ro
Copy link
Member

Looks good. However with so many new variables, we should add these to the README.
You could then also add the vars from here to the readme: #461

@elgalu
document SUB_UID_MIN/MAX/COUNT, etc
a5816eb 
Signed-off-by: Leo Gallucci <elgalu3@gmail.com>
@elgalu
Copy link
Contributor Author

elgalu commented Jul 15, 2021

good idea @rndmh3ro , done!

@rndmh3ro rndmh3ro merged commit 585f1dc into dev-sec:master Jul 16, 2021
@rndmh3ro
Copy link
Member

Thanks!

@elgalu elgalu deleted the add-subuid-subgid branch July 16, 2021 07:42
divialth pushed a commit to divialth/ansible-collection-hardening that referenced this pull request Aug 3, 2022
@elgalu
Add SUB_UID_MIN/MAX/COUNT, SUB_GID_MIN/MAX/COUNT (dev-sec#463)
902eb41 
* add SUB_UID_MIN/MAX/COUNT, SUB_GID_MIN/MAX/COUNT

Similar reason as dev-sec#461

> If /etc/subuid exists, the commands useradd and newusers (unless the user already have subordinate user IDs)
> allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for each new user.
> The default values for SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT are respectively 100000, 600100000 and 65536.

Signed-off-by: Leo Gallucci <elgalu3@gmail.com>

* document SUB_UID_MIN/MAX/COUNT, etc

Signed-off-by: Leo Gallucci <elgalu3@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement minor os_hardening
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elgalu @rndmh3ro