UID and GID uniqueness is not checked. --uid and --gid parameters can be misused to create users/groups with the same UID/GID. If there is no valid case for non-unique UID/GID we should implement this check to user/group ADD/MODIFY commands.
https://bugzilla.redhat.com/show_bug.cgi?id=697887
Another bug talks about similar issues. https://bugzilla.redhat.com/show_bug.cgi?id=698258
We need to document this well.
We decided to document it and explain how it works. It is not a dev task any more.
I added this note to the section on adding users and groups: http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/adding-users.html
I also added this to the part on configuring the ID ranges for the server: http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/Managing-Unique_UID_and_GID_Attributes.html
I'm going to expand the adding users section, so I'll add some more detail then when I add an example with --uid/--gid.
Metadata Update from @mkosek: - Issue assigned to elladeon - Issue set to the milestone: FreeIPA 2.1 - 2011/07
Login to comment on this ticket.