Subject: Re: Who is "toor"?
To: Benjamin Hell <>
From: Richard Rauch <>
List: netbsd-users
Date: 02/03/2001 14:08:26
This probably should be in a FAQ, but I can't find it. (I asked the same
question, a couple of years ago.  A quick search of the mailing lists
failed to turn up my question, though.)

The basic answer is: toor is an alternate root account.  It apparently
exists primarily because some users like csh, while others like sh, as
their default shell.  If at least one user from each camp has root access,
you would end up with griping about the default shell.

toor serves no other purpose, as far as I know.  (I have deleted toor from
my /etc/passwd, it seems.  I don't clearly remember having done so, but
the toor user is gone.  (^&)

I don't understad fully what the problem is with inactive accounts that
have valid login shells.  However, the toor account (having full root
privileges) is disabled by default.  To change that, su to root and use
passwd to change toor's password.  (The ``*'' in the password field
effectively blocks anyone logging in as toor.  You can use vipw, as root,
to disable accounts by simply inserting an asterisk inthe password.  The
asterisk is never generated as part of the one-way password encryption,
I'm told, so an asterisk in the password field makes it impossible for
anyone to login as that user.)

Alternatively, you can simply remove the toor account.  (^&

I hope that that answers your question, though I could probably have been
more concise.  Good luck, and welcome to NetBSD.

  "I probably don't know what I'm talking about."