[vox-tech] Migration from UNIX to Redhat
ME
vox-tech@lists.lugod.org
Mon, 16 Jun 2003 10:17:05 -0700 (PDT)
Bill Kendrick said:
> On Mon, Jun 16, 2003 at 09:49:49AM -0700, ME wrote:
>>
>> You won't want to copy the *system* usernames/groups and their
>> associated
>> uid/gid though -- just the users on the system.
>
> Not that I foresee myself doing something like this any time soon, but I'm
> curious...
>
> What's the best way to determine what are "system" usernames and groups?
Ranges of numbers are big clues. Many systems use the first group (say
1-100, or 1-499 or 1-999) for system accounts. They then start the "real
user" accounts at some number (like 100, 500, or 1000.) Then there are
often extra accounts beyond the normal user groups (like the nobody
account) that uses the last ID in the system (16-bit max int (unsigned or
signed)) even though some systems can take larger values.
(An old hack on some older *NIX systems was to create a UID that w "1"
higher than the max unsigned int for UID. Such an account would read as
being a very high number, but in reality, read by many apps as UID 0. ;-)
I expect such hacks are not so much of a problem now.
> I'm guessing under Linux that there's a _fairly_ well-defined standard
> that one can just look up in a book, ask here, or do a Google search for.
Hm.. Maybe now there is something, but back in the early days, the
different distros would often choose different ranges and starting points
for normal user accounts. Maybe they all share a common standard now.(?)
> But there are so many weird permutations of "Unix" out there, that I bet
> there's stuff that a newbie like me wouldn't recognize.
You are not a newbie.
> Somewhat-related, anyone got a good pointer to a web-page that explains
> "wheel", what it's for, and where it came from?
I like the comment about the lack of support for the wheel group in GNU
software. :-)
http://cclib.nsu.ru/projects/gnudocs/gnudocs/sh-utils/sh-utils_72.html
[chop]
Why GNU su does not support the `wheel' group
(This section is by Richard Stallman.)
Sometimes a few of the users try to hold total power over all the rest.
For example, in 1984, a few users at the MIT AI lab decided to seize power
by changing the operator password on the Twenex system and keeping it
secret from everyone else. (I was able to thwart this coup and give power
back to the users by patching the kernel, but I wouldn't know how to do
that in Unix.)
However, occasionally the rulers do tell someone. Under the usual su
mechanism, once someone learns the root password who sympathizes with the
ordinary users, he or she can tell the rest. The "wheel group" feature
would make this impossible, and thus cement the power of the rulers.
I'm on the side of the masses, not that of the rulers. If you are used to
supporting the bosses and sysadmins in whatever they do, you might find
this idea strange at first.
[chop]