subgid — the subordinate gid file
Description
Each line in /etc/subgid contains a user name and a range of subordinate group ids that user is allowed to use. This is specified with three fields delimited by colons (“:”). These fields are:
- login name or UID
- numerical subordinate group ID
- numerical subordinate group ID count
This file specifies the group IDs that ordinary users can use, with the newgidmap command, to configure gid mapping in a user namespace.
Multiple ranges may be specified per user.
When large number of entries (10000-100000 or more) are defined in /etc/subgid, parsing performance penalty will become noticeable. In this case it is recommended to use UIDs instead of login names. Benchmarks have shown speed-ups up to 20x.
Files
- /etc/subgid
Per user subordinate group IDs.
- /etc/subgid-
Backup file for /etc/subgid.
See Also
login.defs(5), newgidmap(1), newuidmap(1), newusers(8), subuid(5), useradd(8), userdel(8), usermod(8), user_namespaces(7).
Referenced By
newgidmap(1), newusers(8), podman(1), podman-create(1), podman-run(1), subuid(5), useradd(8), userdel(8), usermod(8), user_namespaces(7).