Recipe 8.13. Creating a System User

Previous page
Table of content
Next page
 < Day Day Up > 

8.13.1 Problem

You need to know how to create system users for programs like Postfix, Apache, or Squid. These programs should have their own unique user accounts and not just all pile into "nobody."

8.13.2 Solution

Both adduser and useradd can do this. adduser works like this:

# adduser  system   no-create-home  group squid Adding system user squid... Adding new group squid (109). Adding new user squid (109) with group squid Not creating home directory

Check your work:

# cat /etc/passwd | grep squid squid:x:109:109::/home/squid:/bin/false

Even though it lists /home/squid, a home directory is not created.

Here's how useradd does it:

# useradd -d /dev/null -g squid -s /bin/false squid

8.13.3 Discussion

The nobody user is the default for a lot of daemons and processes that need a system account, but an increasing number of applications require their own unique users. Use a unique user whenever possible, because it's a good security practice. The nobody account is a common cracker target, and you don't want to expose all kinds of processes and daemons to a common point of attack.

8.13.4 See Also

  • adduser(8), adduser.conf(5), useradd(8)

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Linux Cookbook
    Linux Cookbook
    ISBN: 0596006403
    EAN: 2147483647
    Year: 2004
    Pages: 434
    Authors: Carla Schroder
    BUY ON AMAZON
    Qshell for iSeries
    Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
    Cisco IOS Cookbook (Cookbooks (OReilly))
    PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
    Special Edition Using Crystal Reports 10
    Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy