Subject: Re: User that I didn't add appearing on NetBSD system
To: Herb Peyerl <>
From: Steven M. Bellovin <>
List: tech-pkg
Date: 01/05/2006 11:37:37
In message <>, Herb Peyerl writes:
>On 5-Jan-06, at 4:13 AM, Eric wrote:
>> I've been using NetBSD 2.0 for a few months, and just configured  
>> kdm so that I can log-in graphically.  When I did so, I noticed two  
>> other users - "nobody" and "cyrus" - listed on the display.
>> I'm not that concerned about "nobody", but what/who is "cyrus"?  I  
>> haven't added any other users to the system.  Cyrus' "Full Name"  
>> according to kusers begins with instmp.  Is this a user needed for  
>> the system, or has my system been compromised (I configured my own  
>> ipf firewall based on an example from the FreeBSD handbook, and  
>> haven't felt 100% comfortable with my work).
>> I'd like to delete "cyrus" but don't want to muck things up.
>You probably added the Cyrus imapd client or cyrus-saslauth stuff.
>cyrus:*:1003:6:cyrus-sasl cyrus user:/nonexistent:/bin/sh
Perhaps packages that add userids should indicate that in the gecos 

	cyrus:*:1003:6:cyrus-sasl cyrus user,pkg-imapd:/nonexistent:/bin/sh

or some such.  (tech-pkg added to the cc list.)

		--Steven M. Bellovin,