Comment 18 for bug 2004092

Just to catch the bug report up with the IRC discussion:

<vorlon> we got away with it in casper because we knew there weren't going to be 899 IDs allocated in this range in the installer context, and the casper user goes away post-install
<vorlon> systemd doesn't statically set them, it allocates them using "first available" ID at boot time; however, it seems to start checking "first available" from the other direction
<vorlon> from a policy perspective, I think the biggest bug is: policy says to use adduser; adduser has a config file that lets the admin change the allowed range (to subset it, perhaps, for compatibility with "legacy" IDs shared across an authentication domain); systemd doesn't honor adduser.conf but instead has its limit hard-coded at build time
<enr0n> vorlon: I'll look into the adduser.conf piece specifically. But note that we as a distro can configure systemd's boundaries at build time
<vorlon> enr0n: yes, but the disconnect is with it not honoring changes specified by the admin at runtime