Hello everyone!
I'm wondering which users are really mandatory to be in the master.passwd? This is for a jailed system that should be something of a 'freebsd playworld'. So not for a specific service to be jailed, but for a limited 'normal' system with services like, apache, sshd, ftp and such typical ones.
But because it will run with kern.securelevel=3 several things are not needed or wanted. Shared memory is disabled, too.
I ended up with these
This does NOT include users for apache, dovecot etc.
Please let me now if I miss some important ones or if I could remove some of these, too.
Thanks!
Jimmy
I'm wondering which users are really mandatory to be in the master.passwd? This is for a jailed system that should be something of a 'freebsd playworld'. So not for a specific service to be jailed, but for a limited 'normal' system with services like, apache, sshd, ftp and such typical ones.
But because it will run with kern.securelevel=3 several things are not needed or wanted. Shared memory is disabled, too.
I ended up with these
Code:
root::0:0::0:0:Charlie &:/root:/bin/csh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologinThis does NOT include users for apache, dovecot etc.
Please let me now if I miss some important ones or if I could remove some of these, too.
Thanks!
Jimmy