id ranges: change DNA configuration

Change the way we specify the id ranges to force uid and gid ranges to always be the same. Add option to specify a maximum id. Change DNA configuration to use shared ranges so that masters and replicas can actually share the same overall range in a safe way. Configure replicas so that their default range is depleted. This will force them to fetch a range portion from the master on the first install. fixes: https://fedorahosted.org/freeipa/ticket/198
2025-02-25 18:55:28 -06:00 · 2010-11-11 18:15:28 -05:00
parent 61e2016ee3
commit 6a5c4763af
9 changed files with 68 additions and 72 deletions
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -95,11 +95,8 @@ The password of the Directory Server PKCS#12 file
 \fB\-\-http_pin\fR=\fIHTTP_PIN\fR
 The password of the Apache Server PKCS#12 file
 .TP
-\fB\-\-uidstart\fR=\fIUIDSTART\fR
-The starting user id number (default random)
-.TP
-\fB\-\-gidstart\fR=\fIGIDSTART\fR
-The starting group id number (default random)
+\fB\-\-idstart\fR=\fIIDSTART\fR
+The starting user and group id number (default random)
 .TP
 \fB\-\-subject\fR=\fISUBJECT\fR
 The certificate subject base (default O=REALM.NAME)