dummy users & passwords

peets · 2008-03-05 05:26:28

I'm trying to ape what the big kids do.

mpd changes to user "mpd" when it's started as root, just in case.

I want to do the same thing with btgdaemon (available in the AUR).

So I do this:

~ $ sudo groupadd btg
~ $ sudo useradd -g btg btg
~ $ su btg
Password: 
su: incorrect password

I never specified a password for the "btg" user. How will it be able to log in?

As I was writing this, specifically the "it's started as root" part, I tried this:

[peets] $ su
Password: 
[root]# su btg
[btg]$ echo "Hay, no passwd!"

Never underestimate the power of root. It can log in as non-root users without a password!

I chose to finish writing this post for humorous and/or educational purposes.

I'll go play with the big kids now.

valnour · 2008-03-05 05:55:52

Shouldn't you also change the login shell of a dummy user like this to "/sbin/nologin" or "/bin/false"?

peets · 2008-03-05 13:00:03

I'm not sure if I should do that.

If I get rid of the login shell, I can't use constructs like

su btg -c someprogram

because "someprogram" has to be interpreted by a shell.

However, I just noticed there's a "run as user/group" option for btg, which probably translates to a "setuid" system call, which doesn't require a login shell, I think. I'll try it.

Looking through the /etc/passwd file, I see a lot of users have "/bin/false" as their login shell. mpd has "/bin/true" -- if mpd can do it, so can I!

So, thanks for the tip: things will be more elegant if the system enforces the fact that user "btg" should not login.

Edit: the "runas" option works! I now start btg as root; it immediately changes UID to btg, and no login shell is required.

Last edited by peets (2008-03-05 13:53:40)

Arch Linux

#1 2008-03-05 05:26:28

dummy users & passwords

#2 2008-03-05 05:55:52

Re: dummy users & passwords

#3 2008-03-05 13:00:03

Re: dummy users & passwords

Board footer