You are not logged in.
Pages: 1
I had a look at /etc/passwd and saw a lot of usernames which I've no idea what they are used for:
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
mail:x:8:12:mail:/var/spool/mail:
ftp:x:14:11:ftp:/home/ftp:
nobody:x:99:99:nobody:/:
Can someone explain what are all these usernames for? Can I make their shell /sbin/nologin or do they need a shell?
Thanks in advance.
Some PKGBUILDs: http://members.lycos.co.uk/sweiss3
Offline
Well, they're just users created for the needs of running different daemons. It seems that in Arch bin is used by portmap, nobody by samba/http, ftp and mail are self-explanatory. daemon is probably used by some daemon as well, as the name indicates ;-)
They don't need to have shell defined (including /bin/false - there's no /sbin/nologin in Arch), because their passwords are blank and passwordless logins ought to be forbidden. Or something like that ;-)
It wouldn't hurt to add /bin/false as their shell to be utterly sure noone's gonna break into that account, but I remember I had some problems with vsftpd (or was it pure-ftpd) with ftp account using /bin/false.
Offline
It is safer to run a daemon as a non-root user. If an intruder, in case of an exploit, manages to break into the system, he(m/f) will not have superuser rights.
Offline
Well, they're just users created for the needs of running different daemons. It seems that in Arch bin is used by portmap, nobody by samba/http, ftp and mail are self-explanatory. daemon is probably used by some daemon as well, as the name indicates ;-)
They don't need to have shell defined (including /bin/false - there's no /sbin/nologin in Arch), because their passwords are blank and passwordless logins ought to be forbidden. Or something like that ;-)
It wouldn't hurt to add /bin/false as their shell to be utterly sure noone's gonna break into that account, but I remember I had some problems with vsftpd (or was it pure-ftpd) with ftp account using /bin/false.
Oh, I see. In that case, I'd leave it as is. I was wondering what's Arch's equivalent to /sbin/nologin, thanks for that.
Thank you both for the explanations.
Some PKGBUILDs: http://members.lycos.co.uk/sweiss3
Offline
Pages: 1