From: Peter Korsgaard <peter@korsgaard.com>
Date: Thu, 25 Aug 2016 21:47:16 +0000 (+0200)
Subject: system/skeleton: use uid/gid 65534 for nobody/nogroup
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=9c67af2c524ad2b6585af2f5e43f76dacd7cc109;p=buildroot.git

system/skeleton: use uid/gid 65534 for nobody/nogroup

As recently discussed on lwn.net: https://lwn.net/Articles/695478/

The kernel has special behaviour for uid/gid 65534:

1. The kernel maps UIDs > 65535 to it when some subsystem/API/fs
   only supports 16bit UIDs, but a 32bit UID is passed to it.

2. it's used by the kernel's user namespacing as the internal UID
   that external UIDs are mapped to that don't have any local mapping.

3. It's used by NFS for all user IDs that cannot be mapped locally if
   UID mapping is enabled.

Most distributions already map (or are in the progress of changing)
nobody/nogroup to the 65534 uid/gid, so lets do so as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---

diff --git a/system/skeleton/etc/group b/system/skeleton/etc/group
index c813da2022..76346b35f2 100644
--- a/system/skeleton/etc/group
+++ b/system/skeleton/etc/group
@@ -22,5 +22,5 @@ plugdev:x:46:
 staff:x:50:
 lock:x:54:
 netdev:x:82:
-nogroup:x:99:
 users:x:100:
+nogroup:x:65534:
diff --git a/system/skeleton/etc/passwd b/system/skeleton/etc/passwd
index 883265ad6f..d8281d2585 100644
--- a/system/skeleton/etc/passwd
+++ b/system/skeleton/etc/passwd
@@ -6,4 +6,4 @@ sync:x:4:100:sync:/bin:/bin/sync
 mail:x:8:8:mail:/var/spool/mail:/bin/false
 www-data:x:33:33:www-data:/var/www:/bin/false
 operator:x:37:37:Operator:/var:/bin/false
-nobody:x:99:99:nobody:/home:/bin/false
+nobody:x:65534:65534:nobody:/home:/bin/false