How to replace built-in system groups with SSSD LOCAL Domain groups?

asked 2015-05-02 12:26:12 -0500

Luis Marsano gravatar image

I'd like to replace /etc/group based wheel with a wheel of identical GID in domain LOCAL. However, it won't let me.

# groupdel wheel
# sss_groupadd -g 10 wheel
The selected GID is outside the allowed range
# cat /etc/sssd/sssd.conf
[sssd]
domains = LOCAL
config_file_version = 2
services = nss, pam

[nss]
shell_fallback = /bin/zsh
default_shell = /bin/zsh

[domain/LOCAL]
enumerate = TRUE
id_provider = local

man 5 sssd.conf says the GID is within default limits

min_id,max_id (integer)
           UID and GID limits for the domain.
           […]
           Default: 1 for min_id, 0 (no limit) for max_id

How do I create the wheel group with GID 10 in domain LOCAL? Is it possible to do this?

edit retag flag offensive close merge delete