uid counter for new users

Version 1.337

Feature
Finished

This is a security feature where DirectAdmin manages 2 files: /usr/local/directadmin/data/admin/high_uid.number /usr/local/directadmin/data/admin/high_gid.number these files contain the last highest uid/gid values created through DA. Upon creating new Users, DA will check these 2 files, as well as the /etc/passwd and /etc/group, and check to see what the current high uid/gid values are, and use that value+1 for the next User (followed by saving the high_uid.number and high_gid.number with these new values). The benefit of this, regarding security, is that the same uid/gid values are never used again after a User is deleted. All new Users get a new, never before used id value. This ensures that no lingering files on the system can have any effect on their new account. High values in the /etc/passwd and /etc/group files greater or equal to 40000 are ignored. This is because by default there are some system accounts (eg: nobody:65534) that exist there already, and we don't want to create users higher than that. For any systems that do a lot of adding/removing of users, or that simply have a very high number of users, these 2 counter files may grow very quickly. If you need to disable this feature, simply add: use_uid_counting=0 to your directadmin.conf file, and restart DA, then the old method of letting the useradd/pw commands decide ids, is used. The internal default is 1, so this feature is enabled by default.

Interested to try DirectAdmin? Get a 30-day Free Trial!