On Tue, Aug 07, 2001 at 01:31:38PM -0400, Joey Hess wrote:
>
> Wichert Akkerman wrote:
> > Amusingly enough Jochen Voss made a draft of such a document recently
> > that is still sitting in my mailbox. I'll flesh it out and add it to
> > base-passwd later today.
>
> Looking forward to seeing it.
Javier Fdz-Sanguino Pen~a writes:
> I can confirm that on Solaris 2.5, bin is the owner and group of most
> files in /bin, /usr/bin, et al.
Likewise on System III on my Onyx, IIRC.
--
John Hasler
[EMAIL PROTECTED]
Dancing Horse Hill
Elmwood, Wisconsin
>> Javier Fdz-Sanguino Pen~a <[EMAIL PROTECTED]> writes:
> > I can confirm that on Solaris 2.5, bin is the owner and group of most
> > files in /bin, /usr/bin, et al. I don't go back all that far in unix, so
> > I don't know why that is.
>
> I can confirm the same for AIX 4.3.3
FWIW,
On Wed, Aug 08, 2001 at 04:31:52PM -0500, Aaron Hall wrote:
> On Tue, 7 Aug 2001, Joey Hess wrote:
>
> > bin:
> >
> > HELP: No files on my system are owned by user or group bin. What
> > good are they? Historically they were probably the owners of
> > binaries in /bin? It i
Joey Hess <[EMAIL PROTECTED]> writes:
> sync:
>
> The shell of user sync is /bin/sync. Thus, if its password is set
> to something easy to guess (such as ""), anyone can sync the system
> at the console even if they have no account on the system.
>
> HELP: If that
On Tue, 7 Aug 2001, Joey Hess wrote:
> bin:
>
> HELP: No files on my system are owned by user or group bin. What
> good are they? Historically they were probably the owners of
> binaries in /bin? It is not mentioned in the FHS, debian
> policy, or the chan
On Wed, Aug 08, 2001 at 09:43:36AM -0500, Dave Sherohman wrote:
> On Wed, Aug 08, 2001 at 12:41:13PM +0200, Carel Fellinger wrote:
...
> > I thought this allowed sgui-ed games to have a top-scores file that
> > can't be altered by lusers, unless ofcourse they turn into winners.
>
> Yep, that's wha
On Wed, Aug 08, 2001 at 12:41:13PM +0200, Carel Fellinger wrote:
> On Tue, Aug 07, 2001 at 05:46:31PM -0700, Eric G. Miller wrote:
> > On Tue, Aug 07, 2001 at 12:25:56PM -0400, Joey Hess wrote:
> ...
> > > Hmm, I'm not sure I understand. Yes of course you have games owned by
> > > group games. But
On Aug 07, Adam Heath <[EMAIL PROTECTED]> wrote:
>This is kinda like group mail. People can be added to group uucp, then be
>able to call the uucp binaries, to interact with the uucp subsystem.
No user should be ever added to group uucp.
--
ciao,
Marco
On Tue, Aug 07, 2001 at 05:46:31PM -0700, Eric G. Miller wrote:
> On Tue, Aug 07, 2001 at 12:25:56PM -0400, Joey Hess wrote:
...
> > Hmm, I'm not sure I understand. Yes of course you have games owned by
> > group games. But what is the user good for?
>
>Got me.
I thought this allowed sgui-ed
On Tue, Aug 07, 2001 at 01:31:38PM -0400, Joey Hess wrote:
>
> staff:
>
> Allows users to add local modifications to the system (/usr/local,
> /home) without needing root priveledges. Compare with group "adm",
> which is more related to monitoring/security.
since the default .p
On Tue, Aug 07, 2001 at 12:25:56PM -0400, Joey Hess wrote:
> Eric G. Miller wrote:
> > > HELP: My system has no files owned by user games, and I don't see
> > > the point of the user, aside from symmetry.
> >
> > Have several binaries in /usr/games with group "games". Some of
>
On Tue, Aug 07, 2001 at 04:59:28AM -0500, Colin Watson wrote:
>
> Incidentally, /var/cache/man has been man:root mode 2755 on Debian for a
> long time. Is it just me, or is the setgid bit rather unnecessary?
it is necessary, otherwise all the cache files end up owned by random
luser's primary gro
On Tue, Aug 07, 2001 at 04:46:22PM +1000, Sam Couter wrote:
> Apache runs with this uid. Some people like to make their web pages owned by
> this uid as well, but that's bad. Web servers don't modify web pages, they
> just read them.
>
> Apart from CGIs and other such nastiness, the web server cou
On Mon, Aug 06, 2001 at 11:02:53PM -0700, [EMAIL PROTECTED] wrote:
> >
> > www-data:
> >
> > HELP: Er, I should know this, but this box doesn't run apache and
> > I'm offline.
>
> Used by apache as the user/group, typically is the user/group that
> owns web content.
no, apache sho
On Tue, 7 Aug 2001, Joey Hess wrote:
> Debian has always lacked an explanation of what the various users and
> groups are for. Such a document is useful for sysadmins who must
> determine the correct way to use various users and groups. It's useful
> for developers as well, and it might help us fi
> "JH" == Joey Hess <[EMAIL PROTECTED]> writes:
JH> gnats:
JH> HELP: Evidently used by gnats. And it needs a static set why?
GNATS holds its database files under that user and accesses them via
`gnats' setuid programs and/or programs run by an Internet superserver
under `gnats'. Tho
[ Please honor Reply-To, y'all. ]
Wichert Akkerman wrote:
> Amusingly enough Jochen Voss made a draft of such a document recently
> that is still sitting in my mailbox. I'll flesh it out and add it to
> base-passwd later today.
Looking forward to seeing it. Here is what I've come up with merging
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> dialout:
>
> HELP: Is this used for /dev/cua devices or something?
Like, find /dev -group dialout
> dip:
>
> HELP: WHat did this group's name signify? DIaluP?
The name dip probably comes from the name of the dip program.
On Tue, Aug 07, 2001 at 05:28:43PM +0200, Wichert Akkerman wrote:
> Previously Dave Sherohman wrote:
> > Why? It seems a good, fairly standard method for allowing (selected)
> > non-root users to configure and build system software. (You still have
> > to become root to install it, of course, but
On Tue, Aug 07, 2001 at 10:07:13AM -0500, Dave Sherohman wrote:
> Why do it that way around instead of ownership root.news, mode 0640?
> That way a program running as group news would be able to read it,
> but modifications would remain restricted to root.
No particular reason other than that tha
Previously Dave Sherohman wrote:
> Why? It seems a good, fairly standard method for allowing (selected)
> non-root users to configure and build system software. (You still have
> to become root to install it, of course, but, IMO, that should be the
> only part of the process to require root privi
On Tue, Aug 07, 2001 at 02:49:56PM +0200, Wichert Akkerman wrote:
> Previously Joey Hess wrote:
> > src:
> >
> > This group owns source code, including files in /usr/src. It can be
> > used locally to give a user the ability to manage system source
> > code.
> I wouldn't mind ditching
On Tue, Aug 07, 2001 at 02:48:35PM +0100, Mark Brown wrote:
> The package would like the configuration file to be readable by a
> program that is running as user news without being world readable since
> it may contain passwords in plain text. The group news could probably
> go, though.
Why do it
On Tue, Aug 07, 2001 at 02:03:15PM +0100, Andrew Suffield wrote:
> On Mon, Aug 06, 2001 at 11:11:18PM -0700, Daniel Jacobowitz wrote:
> > > irc:
> > >
> > > HELP: Why does an irc daemon need its own static user and group?
> >
> > Because no one wants to trust it? :)
> >
> > It doesn't. Of cou
On Tue, Aug 07, 2001 at 02:41:31PM +0200, Marco d'Itri wrote:
> >HELP: I notice that /etc/news/leafnode/config and even /etc/news
> > are here owned by news.news. Which is odd, because those
> > arn't things the programs should be editing on the fly. What
> > gi
On Mon, Aug 06, 2001 at 11:11:18PM -0700, Daniel Jacobowitz wrote:
> > irc:
> >
> > HELP: Why does an irc daemon need its own static user and group?
>
> Because no one wants to trust it? :)
>
> It doesn't. Of course, removnig them is tricky.
This is a bug in ircd. It setuid()s itself to a
Previously Joey Hess wrote:
> majordom:
>
> Majordomo has a statically allocated uid on Debian systems for
> historical reasons.
>
> HELP: Do we still even ship that buggy old POS? And can someone
> remember what the hysterical raisins were?
No longer created on ne
On Aug 07, Joey Hess <[EMAIL PROTECTED]> wrote:
> HELP: I notice that /etc/news/leafnode/config and even /etc/news
>are here owned by news.news. Which is odd, because those
>arn't things the programs should be editing on the fly. What
>gives?
The packa
Previously Antonio Rodriguez wrote:
> What exactly is base-passwd?
[tornado;~]-2> dpkg -p base-passwd
Package: base-passwd
Essential: yes
Priority: required
Section: base
Installed-Size: 92
Maintainer: Wichert Akkerman <[EMAIL PROTECTED]>
Architecture: i386
Version: 3.2.1
Replaces: base
Depends: l
What exactly is base-passwd? Is it the base system? if so, it probably means
that will be installed in any system that will use the new base by
default(??); in any case, how can all this info be accessed?
> Previously Joey Hess wrote:
> > Debian has always lacked an explanation of what the various
Previously Joey Hess wrote:
> Debian has always lacked an explanation of what the various users and
> groups are for. Such a document is useful for sysadmins who must
> determine the correct way to use various users and groups.
Amusingly enough Jochen Voss made a draft of such a document recently
On Tue, Aug 07, 2001 at 04:46:22PM +1000, Sam Couter wrote:
> Joey Hess <[EMAIL PROTECTED]> wrote:
> > man:
> >
> > The man program (sometimes) runs as user man, so it can write cat
> > pages to /var/cache/man
> >
> > HELP: My system has no files owned by user man, and I don't see
> >
Previously Sam Couter wrote:
> Joey Hess <[EMAIL PROTECTED]> wrote:
> > dialout:
> >
> > HELP: Is this used for /dev/cua devices or something?
>
> Probably historically mixed up with uucp, fax and dip. I don't see why four
> groups for serial port access are necessary.
No, they are very diff
Previously Daniel Jacobowitz wrote:
> On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> > dip:
> >
> > HELP: WHat did this group's name signify? DIaluP?
>
> Dialup IP. apt-cache show dip, actually.
And ppp as well. Being in group dip allows you to use a tool to dialin,
group dial
On Mon, Aug 06, 2001 at 11:11:18PM -0700, Daniel Jacobowitz wrote:
> > sudo:
> >
> > HELP: Nothing uses it here, and I have sudo installed.. Maybe
> > there's a way to only let users in this group use sudo?
>
> There is, sure, but the group isn't special in any way...
users in grou
* Martijn van Oosterhout
| > list:
| >
| > HELP: Evidently used by smartlist?
|
| It's what the list archives are owned by as well as the user doing the
| sending and receiving of email.
Used by mailman as well.
--
Tollef Fog Heen
You Can't Win
On Tue, 07 Aug 2001, Joey Hess wrote:
> uucp:
> HELP: Presumably used for UUCP, which I know nothing of.
> dialout:
> HELP: Is this used for /dev/cua devices or something?
The uucp user and group is used by the UUCP subsystem. It owns
spool and configuration files. uucico, a binary o
Joey Hess <[EMAIL PROTECTED]> wrote:
> man:
>
> The man program (sometimes) runs as user man, so it can write cat
> pages to /var/cache/man
>
> HELP: My system has no files owned by user man, and I don't see
> the point of the user, aside from symmetry.
Wasn't there
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> Debian has always lacked an explanation of what the various users and
> groups are for. Such a document is useful for sysadmins who must
> determine the correct way to use various users and groups. It's useful
> for developers as well, an
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> sudo:
>
> HELP: Nothing uses it here, and I have sudo installed.. Maybe
> there's a way to only let users in this group use sudo?
sudo uses this group internally. Members of this group do not need to type
their passwor
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> postgres:
>
> HELP: Presumably used by the postgresql database?
>
All the data file in the postgres system are owned by that user and group. I
think it's just a way of ensuring that no-one else can accedently access it.
> list:
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> uucp:
>
> HELP: Presumably used for UUCP, which I know nothing of.
>
> HELP: Why is minicom owned by group uucp? Is this a bug?
It also was (until recently?) setgid uucp, for modem locking. I
believe it was removed for sec
(oh no, a crosspost)
On Tue, Aug 07, 2001 at 01:35:48AM -0400, Joey Hess wrote:
> The man program (sometimes) runs as user man, so it can write cat
> pages to /var/cache/man
>
> HELP: My system has no files owned by user man, and I don't see
> the point of the user,
Debian has always lacked an explanation of what the various users and
groups are for. Such a document is useful for sysadmins who must
determine the correct way to use various users and groups. It's useful
for developers as well, and it might help us find unused users and
groups, or find unstated r
45 matches
Mail list logo
