Page MenuHomePhabricator
Create Task
Maniphest T121610

system users with UIDs > 500
Open, MediumPublic
Actions

Description

when looking at T120585 i saw that we have quite a few more system users that are not actually system user per "UID < 500".

on mira:

pybal-check:x:10003:
releases:x:10004:
keyholder:x:1000:

on tin:

sartoris:x:10003:
trebuchet:x:10004:
pybal-check:x:10005:
releases:x:10007:
keyholder:x:10008:

Should all of these be fixed then and:

  • moved to UIDs under 500
  • marked "system => true" in puppet
  • manually fixed to change all the file ownerships
  • ensured they are the same on both tin and mira
  • update https://wikitech.wikimedia.org/wiki/UID to reflect the situation

?

Related Objects
Search...

StatusSubtypeAssignedTask
 OpenNoneT121610 system users with UIDs > 500
 DeclinedNoneT120585 Make l10nupdate user a system user

Event Timeline

Dzahn created this task.Dec 16 2015, 1:17 AM
Dzahn raised the priority of this task from to Needs Triage.
Dzahn updated the task description. (Show Details)
Dzahn added a project: SRE.
Dzahn added subscribers: Dzahn, faidon, bd808.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptDec 16 2015, 1:17 AM
Dzahn added a subtask: T120585: Make l10nupdate user a system user.Dec 16 2015, 1:17 AM
Dzahn added a comment.Dec 16 2015, 1:20 AM

https://docs.puppetlabs.com/references/latest/type.html#user-attribute-system

system

Whether the user is a system user, according to the OS’s criteria; on most platforms, a UID less than or equal to 500 indicates a system user. This parameter is only used when the resource is created and will not affect the UID when the user is present. Defaults to false.

Valid values are true, false, yes, no.

Dzahn triaged this task as Medium priority.Dec 16 2015, 1:21 AM
Phabricator_maintenance moved this task from Backlog to Acknowledged on the SRE board.Jan 26 2019, 8:27 PM
MoritzMuehlenhoff added a project: User-MoritzMuehlenhoff.May 27 2020, 1:50 PM
Dzahn added a project: Infrastructure-Foundations.Dec 1 2022, 12:32 AM
Dzahn added a comment.Dec 1 2022, 12:34 AM

This is old but I think it can be translated to "create all system users with systemd::sysuser in puppet" nowadays.

taavi closed subtask T120585: Make l10nupdate user a system user as Declined.Jun 8 2023, 3:13 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL