Subject: Re: User that I didn't add appearing on NetBSD system
To: None <netbsd-users@NetBSD.org, tech-pkg@NetBSD.org>
From: Pavel Cahyna <email@example.com>
Date: 01/06/2006 01:03:59
On Thu, Jan 05, 2006 at 11:37:37AM -0500, Steven M. Bellovin wrote:
> In message <2D9B97AF-F18F-4B5F-9E76-3F448F360E70@beer.org>, Herb Peyerl writes:
> >On 5-Jan-06, at 4:13 AM, Eric wrote:
> >> I've been using NetBSD 2.0 for a few months, and just configured
> >> kdm so that I can log-in graphically. When I did so, I noticed two
> >> other users - "nobody" and "cyrus" - listed on the display.
> >> I'm not that concerned about "nobody", but what/who is "cyrus"? I
> >> haven't added any other users to the system. Cyrus' "Full Name"
> >> according to kusers begins with instmp. Is this a user needed for
> >> the system, or has my system been compromised (I configured my own
> >> ipf firewall based on an example from the FreeBSD handbook, and
> >> haven't felt 100% comfortable with my work).
> >> I'd like to delete "cyrus" but don't want to muck things up.
> >You probably added the Cyrus imapd client or cyrus-saslauth stuff.
> >cyrus:*:1003:6:cyrus-sasl cyrus user:/nonexistent:/bin/sh
> Perhaps packages that add userids should indicate that in the gecos
> cyrus:*:1003:6:cyrus-sasl cyrus user,pkg-imapd:/nonexistent:/bin/sh
> or some such. (tech-pkg added to the cc list.)
And maybe they could use the range below 1000 for UIDs, as those users are
in fact "system users".