pam: Use minimum_uid=2000 instead of 1000

LDAP users now use uids starting at 2000, to prevent confusion with the
users in the host and to potentially allow local users to be created in
the containers as well, if it's ever needed.

diff --git a/etc/pam.d/common-account b/etc/pam.d/common-account
index cc1157f5e36636c8a596a32296a635d93f009aa1..5f349fba51afebf8a72eee2d46132e47340df952 100644 (file)
--- a/etc/pam.d/common-account
+++ b/etc/pam.d/common-account
@@ -14,4 +14,4 @@ account               required        pam_unix.so
 # module return 'ignore' instead of 'user_unknown' for local users, which gets
 # handled by 'required' properly (without having to specify a verbose custom
 # thing).
-account                required        pam_ldap.so ignore_unknown_user minimum_uid=1000
+account                required        pam_ldap.so ignore_unknown_user minimum_uid=2000