Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Feb 2001 21:46:34 -0500
From:      "Matthew Emmerton" <matt@gsicomp.on.ca>
To:        <freebsd-questions@FreeBSD.ORG>, "Ronald F. Guilmette" <rfg@monkeys.com>
Subject:   Re: Maximum accounts per system (?)
Message-ID:  <001101c097c2$ad792060$1200a8c0@gsicomp.on.ca>
References:  <15746.982285684@monkeys.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> In the man page for adduser(8) I see the following:
>
>     uid     Automatically generated or your choice, must be less than
32000.
>
> I have a number of questions about this ``magic number'' 32,000.
>
> Where did this come from?  What is its significance?

It's a rounded-off version of 32,767, which is the maximum value of a signed
short (2-byte int).

> More importantly, I have to ask... Are there really no FreeBSD systems
> in existance that have more than 32,000 user accounts??

Most likely not -- why would you?

Now to contradict myself, an ISP I used to work for used to use SCO for
their login servers since it could handle >32K users on a box.  Their
largest box had over 70k users on it -- and even with some patches from SCO,
account creation was an exponential time algorithm.

Nowadays, authentication from databases via PAM or RADIUS as well as mail
delivery directly to a database elimintates then need for shell accounts --
so most boxes can get away with root and a few admin logins.

> Also, looking in /usr/include/sys/types.h I see that the `uid_t' type is
> defined to be the same as a `u_int32_t'.  The implication of that fact
> would seem to be that I really _ought_ to be able to create at least about
> 4 billion separate accounts on one single FreeBSD system.
>
> So what gives?  Why can't I?

I just hacked /etc/master.passwd by hand and added a user with uid/gid of
64000, did a 'pwd_mkdb -p master.passwd' and all seems well - I can log in
as that new user and things seem to work fine.

I noticed a quote in the source for pwd_mkdb that stated that "some software
assumes that IDs are short."  So most likely the 32k restriction is due to
historical reasons.

If you choose to modify the adduser script to support >32k users, then be
aware that some applications may treat UIDs as shorts - for example, 32768
as a signed short is 0 - and I'm sure you can see the potential problem
there.

--
Matt Emmerton



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001101c097c2$ad792060$1200a8c0>