Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.0.0-Ducc
-
None
Description
Modify rogue process detector to skip over processes owned by UID < 500. By convention these are system processes and thus not rogue. This simplifies configuration of DUCC. Currently DUCC admin must maintain a list of users to skip in the exclusion list defined in ducc.properties.
Wikipedia says:
"Convention reserves UIDs from 1 to 100 for system use; some manuals recommend reserving UIDs from 101 up to 499 (Red Hat Enterprise Linux) or even up to 999 (Debian) as well. "
Recent SLES systems show in /etc/login.defs:
SYSTEM_GID_MAX 499