user 'nobody' - who is this? why?

P

pinglin

Hello!

After googling found a lot of interesting articles about 'nobody' system user. But didn't found answer for things I am interested in.

I have radius authentication configured, users can telnet/ssh to my FreeBSD with radius accounts. So on radius server created user 'nobody' and successfully authenticated to my FreeBSD workstation (got waning "Couldn't chdir to /nonexistent" something like this, but given a shell).
Wondering if it is a possible problematic place? is it possible to assign/change password to 'nobody'?

What does it mean that 'nobody' has a NULL password by default?

Thanks in advance!
 
By default the nobody account is locked out, has a non-existent home directory and has it's shell set to /usr/bin/nologin. You shouldn't be able to get a shell on that account. Don't use it as a radius account.

The account can used to run applications or daemons and it has very limited access to the system.
 
Thank you for the reply.
The shell shouldn't be given, but it is given.
Nevertheless it is impossible to assign password for 'nobody'...?
 
pinglin said:
Nevertheless it is impossible to assign password for 'nobody'...?
Click to expand...
No, you can set a password on it. It's just an account like all the others.
 
So one of my newly built servers is crashing regularly. I had a top running to catch what what was going on when the crash occurred. I see that half a dozen or so processes were run by 'nobody'. I'm not saying this is related to the crash, but I am asking is it normal for 'nobody' to be running numerous processes including find, locate.code, numerous instances of sh, and csh?

Server is running 10.1-RELEASE.
 
Yes, the locate.code probably comes from the weekly periodic that updates your locate database. It might spawn several shells and subprocesses that belong to nobody including find.
 
PacketMan said:
So one of my newly built servers is crashing regularly. I had a top running to catch what what was going on when the crash occurred. I see that half a dozen or so processes were run by 'nobody'. I'm not saying this is related to the crash, but I am asking is it normal for 'nobody' to be running numerous processes including find, locate.code, numerous instances of sh, and csh?

Server is running 10.1-RELEASE.
Click to expand...

See this thread:

Thread 29994
 
Yes thank you, I am exploring that and other discussions now. I have been able to crash my system at will by running find command manually. Any let's keep that for other topics/threads. But I am interested in learning is my observation about 'nobody' is normal expected behavior.
 
PacketMan said:
Yes thank you, I am exploring that and other discussions now. I have been able to crash my system at will by running find command manually. Any let's keep that for other topics/threads. But I am interested in learning is my observation about 'nobody' is normal expected behavior.
Click to expand...

It is normal, many of the periodic(8) and built-in cron(8) tasks are run as nobody for security reasons.
 
You must log in or register to reply here.
Back
Top