
Re: pruning cruft in /etc/passwd and /etc/group



 --- Andrew Schulman <andrex@alumni.utexas.net> wrote: 
> Over years of testing software, my /etc/passwd and /etc/group files are 
> littered with leftover junk.  Here are some entries in /etc/passwd which
> don't correspond to any actual or useful virtual users that I'm aware 
> of:
> 
> backup bin daemon games irc list lp mail man messagebus operator 
> proxy sync sys uucp

You're wrong. They're used by certain daemons. I am not going to list
every entry against the likely candidate, either. Suffice it to say that
they're part of tradition, and at a lower level, convey the underlying
permissions about how a lot of applications operate.

> Here's a list of questionable entries in /etc/group:
> 
> adm audio backup bin daemon dialout dip disk fax floppy games irc kmem 

It's a matter of convention. "adm" as group ownership is used on a number
of directories in /var. "audio" is used on /dev'ice nodes for sound
applications, "dialout", by the same token as for "audio" - but used on
modem devices. "disk" is used for hard drives and other devices.

> As a general security measure, I want to prune the useless entries from 
> these files (and /etc/shadow too, of course).  The problem is to be sure
> that before I remove an entry, it's not going to make bad things happen.

If you do that, you will break all your permissions on your system at a
fundamental level! Furthermore, I can't quite see where your argument or
concern about security stems from. These are not "users" that log in.
They're static -- defined by the system (and fairly common across all
Linux variants, and Unixes that I know of, bar one or two exceptions). The
idea is flawed, and without reason.

[..snip..]

-- Thomas Adam

=====
"The Linux Weekend Mechanic" -- http://linuxgazette.net
"TAG Editor"                 -- http://linuxgazette.net

"<shrug> We'll just save up your sins, Thomas, and punish 
you for all of them at once when you get better. The 
experience will probably kill you. :)"

 -- Benjamin A. Okopnik (Linux Gazette Technical Editor)
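
A read-only check related to the question in this thread, added here as an example and not part of either poster's message: it parses passwd-format entries, lists the accounts whose shell refuses logins, and counts files under a directory tree owned by given UIDs, so ownership is visible before any entry is touched. The sample entries, the shell list and the function names are constructed for illustration.

```python
import os
import tempfile

# Constructed sample in /etc/passwd format (not copied from the thread).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""

# Shells that refuse interactive logins (assumed list; adjust per distribution).
NON_LOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

def parse_passwd(text):
    """Return {name: {"uid", "gid", "shell"}} from passwd-format text."""
    accounts = {}
    for line in text.splitlines():
        fields = line.split(":")
        # Skip blank or malformed lines instead of guessing at their meaning.
        if len(fields) != 7 or not (fields[2].isdigit() and fields[3].isdigit()):
            continue
        name, _pw, uid, gid, _gecos, _home, shell = fields
        accounts[name] = {"uid": int(uid), "gid": int(gid), "shell": shell}
    return accounts

def non_login_accounts(accounts):
    """Sorted names of accounts whose shell is in NON_LOGIN_SHELLS."""
    return sorted(n for n, a in accounts.items() if a["shell"] in NON_LOGIN_SHELLS)

def count_owned(root, uids):
    """Count entries under root owned by each UID in uids (symlinks not followed)."""
    counts = {uid: 0 for uid in uids}
    for dirpath, dirnames, filenames in os.walk(root):
        for entry in dirnames + filenames:
            try:
                st = os.lstat(os.path.join(dirpath, entry))
            except OSError:
                continue  # unreadable or vanished entry
            if st.st_uid in counts:
                counts[st.st_uid] += 1
    return counts

if __name__ == "__main__":
    accounts = parse_passwd(SAMPLE_PASSWD)
    print("non-login:", non_login_accounts(accounts))
    with tempfile.TemporaryDirectory() as tmp:  # stand-in for /var, /dev, ...
        open(os.path.join(tmp, "spool.dat"), "w").close()
        print(count_owned(tmp, {os.geteuid()}))
```

On a real system, feed the contents of /etc/passwd to `parse_passwd` and run `count_owned` over the filesystems of interest; a UID with a non-zero count still owns files there.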

