Subject: Re: /etc/passwd
To: PHOBOS 7 <mertis@ameritech.net>
From: Jeremy C. Reed <reed@reedmedia.net>
List: netbsd-users
Date: 03/03/2001 21:33:12

On Sat, 3 Mar 2001, PHOBOS 7 wrote:

> What users can I safely remove from /etc/passwd? It's from a clean
> installation of NetBSD 1.5,
> and it's going to be a gateway.

I am not sure exactly. So don't take my comments as gospel :)
But this may give you some ideas ...

Many of these users are not needed -- they may own files/directories as
installed in the default install. If you remove the users, you may want to
also remove the files/directories they own (or later if someone is
assigned that UID they'll have additional access).

Also, even if no files are currently owned by these users, it doesn't mean
that the users are not later used or not important.

You can find some of the files owned by the users with find; for example:

find / \( -user daemon -or -user games -or -user bin -or -user operator \
  -or -user news -or -user postfix -or -user uucp -or -user nobody \
  -or -user ingres -or -user falken \) -ls

But this will not find them all. Some of the users are used by programs
that change their UID while running.

> root

The Superuser! (Keep.)

> toor

toor is an alternative superuser.
(You can remove.)

> daemon

Some programs run as the "daemon" user, such as lpd.

> operator

I am not sure. The operator group is used for a variety of commands and
devices.

> bin

I am not sure what bin is for. I have a variety of executables, manual
pages and fonts owned by bin.

> news

news is used for running a usenet server.
(You can remove.)

> games

Not needed unless you use games.

> postfix

postfix is the user used by the postfix mail server daemons. If you use
sendmail to send out local mail messages, you can remove the postfix user.

> uucp

uucp is used for Unix-to-Unix Copy. uucp owns the /var/spool/uucp for
example. You can probably remove this if you don't use uucp/uucico.
Also, /usr/bin/cu and other related programs are owned (and setuid) for
this uucp user.

> nobody

Keep "nobody". Nothing (permanent) should be owned by "nobody". nobody is
the user to use when doing jobs that shouldn't have extra privileges.

> ingres

I am not sure about ingres. I think it has something to do with tunneling
or gif.

> falken

I don't think falken is used. If I remember correctly, Falken is a person
from the movie "War Games" ... that's what it looks like from looking at
the passwd entry.

If you do remove the unneeded and unused users then you may want to
consider also removing the files and directories they own. You could use
find(1) to find the user's files.

If you are removing users, you may also want to clean up your /etc/group.

Personally, I just keep the unused users. 

   Jeremy C. Reed
   http://www.reedmedia.net/
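
The caveats in the reply above (files left behind pass to whoever later gets the UID, uucp owns setuid programs, toor is a second name for the superuser), as an added example that is not part of the original message: a shell function that reports, per account, how many files and setuid files its UID owns and whether another passwd entry shares that UID. The function names and verdict strings are made up for this example, and it assumes a passwd(5)-style file with the UID in field 3.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: audit_accounts PASSWD_FILE ROOT_DIR USER...
#   e.g. audit_accounts /etc/passwd / games news uucp toor
# Output, one line per user: name uid files setuid_files verdict

count_owned() {  # count_owned ROOT UID [extra find tests...]
    c_root=$1 c_uid=$2
    shift 2
    # A numeric -user argument matches by UID. Printing one "." per match
    # keeps the count right even if a file name contains a newline.
    find "$c_root" -user "$c_uid" "$@" -exec printf '%.0s.\n' {} + \
        2>/dev/null | wc -l | tr -d ' \t'
}

audit_accounts() {
    pw=$1 top=$2
    shift 2
    for name in "$@"; do
        # Field 3 of a passwd(5)-style line is the numeric UID.
        uid=$(awk -F: -v n="$name" '$1 == n { print $3; exit }' "$pw")
        if [ -z "$uid" ]; then
            echo "$name - 0 0 not-in-passwd"
            continue
        fi
        # Another name with the same UID (toor shares UID 0 with root)
        # still owns the files after this name is deleted.
        sharers=$(awk -F: -v u="$uid" '$3 == u { c++ } END { print c + 0 }' "$pw")
        files=$(count_owned "$top" "$uid")
        suid=$(count_owned "$top" "$uid" -type f -perm -4000)
        if [ "$sharers" -gt 1 ]; then verdict=uid-shared
        elif [ "$suid" -gt 0 ]; then verdict=has-setuid-files
        elif [ "$files" -gt 0 ]; then verdict=owns-files
        else verdict=no-files-found   # not proof the account is unused
        fi
        echo "$name $uid $files $suid $verdict"
    done
}

# Run directly when called as a script with arguments.
if [ "$#" -ge 3 ]; then
    audit_accounts "$@"
fi
```

A `no-files-found` line only says nothing on disk carries that UID; a program that switches to the account at run time will not show up here.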