Hi all,

I've been wondering how to deal with this particular issue for quite
some time now, and I can't find any references to "the right way"(TM)
to handle it.

I always prefer to run automated tasks as limited privilege users on
my OpenBSD hosts - such as tasks that pull files across from other
hosts, and other such nightly tasks.  To make this work the drop priv
user account needs a shell and a home dir (for SSH keys etc), and has
no need for a password.  However this causes the /etc/security script
to generate warnings every night such as,

"""
Login nightlysync is off but still has a valid shell and alternate
access files in home directory are still readable.
"""

The tasks that this user performs are scheduled through cron.

Is there a better way for me to be setting up these kinds of tasks so
that this warning doesn't get raised ?  Or is the warning spurious ?

Cheers
Dave

Reply via email to