kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Document UID 850 as permanent — never change

Browse Source 
Rootless podman deeply caches the UID in storage, subuid mappings,
and systemd sessions. Changing it destroys all container state.
Reference: log/2026-04-03-uid-incident.md

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-04-03 09:30:37 -07:00
parent 5d82e27ba4
commit 47b4e533ff
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
configs/mcp.nix
View File

@@ -7,7 +7,9 @@
{
users.users.mcp = {
isSystemUser = true;
uid = 850; # Pinned to avoid auto-assign conflicts (800-899 range is unused on all nodes).
uid = 850; # NEVER CHANGE. Rootless podman caches the UID in storage, subuid mappings,
# and systemd sessions. Changing it destroys all container state.
# See log/2026-04-03-uid-incident.md.
group = "mcp";
home = "/srv/mcp";
shell = pkgs.shadow; # nologin equivalent