Re: pruning cruft in /etc/passwd and /etc/group
>> backup bin daemon games irc list lp mail man messagebus operator
>> proxy sync sys uucp
> backup: historical, probably safe to remove
> bin: historical, and possibly used
> daemon: historical, commonly used by daemons that need to own files, but
> can't
> have their own user for some reason
> games: placeholder for group games, don't remove it
> irc: used for irc daemon(s), probably not necessary
> list: I don't know
> lp: used for printing daemon(s) and as a placeholder for group lp, don't
> remove
> unless you don't have a printer and have no printing software installed
> mail: placeholder for group mail, sometimes used by mail daemon(s), don't
> remove man: placeholder for group man, don't remove unless you don't use
> the man
> command
> messagebus: I don't know
> operator: historical, probably safe to remove
> proxy: almost definately safe to remove unless you run any proxy server(s)
> that
> use it
> sync: I don't know
> sys: I don't know
> uucp: if you've never heard of it, you probably don't need it
>
>> adm audio backup bin daemon dialout dip disk fax floppy games irc kmem
>> list logcheck lp lpadmin mail man messagebus nogroup ntop operator proxy
>> sasl scanner shadow src ssh staff sudo sword sys tape tty utmp uucp
>> video voice
> adm: used for logs, do not remove
> audio: used for sound devices, only remove if you have no sound devices
> and
> don't plan on ever having any
> backup: see above
> bin: see above
> daemon: see above
> dialout: used by suid ppp programs and possible ppp devices, if you are
> sure
> you'll never use a modem (including dsl and some other high speed ones)
> it may be safe to remove
> dip: I don't know
> disk: DO NOT REMOVE, it's used for hard drives
> fax: self explanitory, can probably be safely removed if you don't use it
> floppy: don't remove unless you will never have a floppy drive
> games: used to control which users can play games, including things like
> fortune
> and sl. probably shouldn't be removed
> irc: see above
> kmem: I don't know, but k* (in system stuff) usually has to do with the
> kernel,
> so it probably shouldn't be removed
> list: see above
> logcheck: I don't know
> lp: controls who can use a printer, only remove if you don't and never
> will
> print
> lpadmin: controls who can add/change/remove printers, see above for
> removal
> conditions
> mail: used for mail boxes in shared directories and for controlling
> various mail
> related ACLs
> man: see above
> messagebus: see above
> nogroup: DO NOT REMOVE, it's used for minimal access rights
> ntop: I don't know
> operator: see above, also commonly used by sudo to grant rights
> proxy: see above
> sasl: commonly used for smtp and/or pop/imap authentication, can be
> removed if
> not in use and the sasl programs aren't installed
> scanner: simillar to lp, but for scanners
> shadow: DO NOT REMOVE, used to conrol read access to /etc/shadow and
> /var/backup/shadow*
> src: used to control write access to /usr/src, don't remove
> ssh: I don't know exactly what it's for, but obviously is related to ssh
> and/or
> sshd
> staff: historical, used in /home, don't remove without cleaning up /home
> first sudo: I don't know, but related to sudo
> sword: I don't know
> sys: see above
> tape: used for tape devices, don't remove if you have/will have one
> tty: DO NOT REMOVE, used for virtual consoles, serial, ports, etc.
> utmp: DO NOT REMOVE, used for logs
> uucp: see above
> video: like audio, but for video devices
> voice: I don't know
Thanks, this is helpful. Please consider submitting a patch
for /usr/share/doc/base-passwd/users-and-groups.txt.gz.
Reply to: