Re: Removing all users

To: debian-user@lists.debian.org
Subject: Re: Removing all users
From: Dave Sherohman <esper@sherohman.org>
Date: Tue, 6 Apr 2004 15:59:36 -0500
Message-id: <[🔎] 20040406205936.GA4094@sherohman.org>
Mail-followup-to: Dave Sherohman <esper@sherohman.org>, debian-user@lists.debian.org
In-reply-to: <[🔎] BAY16-F108yi1RCoE0p00040eae@hotmail.com>
References: <[🔎] BAY16-F108yi1RCoE0p00040eae@hotmail.com>

On Tue, Apr 06, 2004 at 04:14:50PM +0200, Marco Kruijswijk wrote:
> All users of this server will 
> be taken out of a MySQL Database through PAM, so I thought that it would be 
> the most safe and easy-to-understand situation, when I remove all default 
> users from passwd and only keep the most important.

Debian sets up the default system users with invalid password hashes,
making it impossible to log in to them anyhow (except by su-ing from root,
but if an attacker has root, getting games won't do him any good), so
removing them shouldn't be necessary.

> And is it also possible to change their groups (so I can make all 
> users of passwd a member of the group "system")?

I don't know that you would want to change their groups in /etc/passwd
(that's just the user's default/primary group), but you can add them
all to the system group with

useradd -G system <username>

or by editing /etc/group directly.

-- 
The freedoms that we enjoy presently are the most important victories of the
White Hats over the past several millennia, and it is vitally important that
we don't give them up now, only because we are frightened.
  - Eolake Stobblehouse (http://stobblehouse.com/text/battle.html)

Reply to:

References:
- Removing all users
  - From: "Marco Kruijswijk" <marcolist5@hotmail.com>

Prev by Date: Re: intel fortran compiler probelms
Next by Date: RE: Woody and e1000 NICs - Checked by Vexira -
Previous by thread: Removing all users
Next by thread: Sarge ISO image.
Index(es):
- Date
- Thread