Man page - subgid(5)

Packages contains this manual

Package: passwd
apt-get install passwd

Manuals in package:

Documentations in package:

passwd

Available languages:

en fr

Manual

SUBGID

NAME
DESCRIPTION
LOCAL SUBORDINATE DELEGATION
FILES
SEE ALSO

NAME

subgid - the configuration for subordinate group ids

DESCRIPTION

Subgid authorizes a group id to map ranges of group ids from its namespace into child namespaces.

The delegation of the subordinate gids can be configured via the subid field in /etc/nsswitch.conf file. Only one value can be set as the delegation source. Setting this field to files configures the delegation of gids to /etc/subgid. Setting any other value treats the delegation as a plugin following with a name of the form libsubid_$value.so . If the value or plugin is missing, then the subordinate gid delegation falls back to files .

Note, that newusers , useradd , and usermod will only create entries in /etc/subgid if subid delegation is managed via subid files.

LOCAL SUBORDINATE DELEGATION

Each line in /etc/subgid contains a user name and a range of subordinate group ids that user is allowed to use. This is specified with three fields delimited by colons (“:”). These fields are:

• login name or UID

• numerical subordinate group ID

• numerical subordinate group ID count

This file specifies the group IDs that ordinary users can use, with the newgidmap command, to configure gid mapping in a user namespace.

Multiple ranges may be specified per user.

When large number of entries (10000-100000 or more) are defined in /etc/subgid, parsing performance penalty will become noticeable. In this case it is recommended to use UIDs instead of login names. Benchmarks have shown speed-ups up to 20x.

FILES

/etc/subgid

Per user subordinate group IDs.

/etc/subgid-

Backup file for /etc/subgid.