[BACK]Return to master.passwd CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc
File: [cvs.NetBSD.org] / src / etc / master.passwd (download)

Revision 1.47, Tue Jul 9 09:34:58 2013 UTC (10 years, 9 months ago) by roy
Branch: MAIN
CVS Tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, pgoyette-localcount-base, pgoyette-localcount-20160806, pgoyette-localcount-20160726, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7
Branch point for: pgoyette-localcount
Changes since 1.46: +1 -0 lines 

Add _rtadvd user and group.
Add a chroot dir for the _rtadvd user.
Drop privs to the user _rtadvd after acquiring our socket.
When rc.d/rtadvd starts or reloads, the rtadvd config file is copied
into the chroot before starting or reloading rtadvd itself.
Create a symlink from /var/run/rtadvd.dump to the chroot

Inital idea from OpenBSD patch rtadvd.c r1.36

root::0:0::0:0:Charlie &:/root:/bin/sh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/bin/sh
daemon:*:1:1::0:0:The devil himself:/:/sbin/nologin
operator:*:2:5::0:0:System &:/usr/guest/operator:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
games:*:7:13::0:0:& pseudo-user:/usr/games:/sbin/nologin
postfix:*:12:12::0:0:& pseudo-user:/var/spool/postfix:/sbin/nologin
named:*:14:14::0:0:& pseudo-user:/var/chroot/named:/sbin/nologin
ntpd:*:15:15::0:0:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
sshd:*:16:16::0:0:& pseudo-user:/var/chroot/sshd:/sbin/nologin
_pflogd:*:18:18::0:0:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
_rwhod:*:19:19::0:0:& pseudo-user:/var/rwho:/sbin/nologin
_proxy:*:21:21::0:0:Proxy Services:/nonexistent:/sbin/nologin
_timedc:*:22:22::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_sdpd:*:23:23::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_httpd:*:24:24::0:0:& pseudo-user:/var/www:/sbin/nologin
_mdnsd:*:25:25::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_tests:*:26:26::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_tcpdump:*:27:27::0:0:& pseudo-user:/var/chroot/tcpdump:/sbin/nologin
_tss:*:28:28::0:0:& pseudo-user:/var/tpm:/sbin/nologin
_rtadvd:*:30:30::0:0:& pseudo-user:/var/chroot/rtadvd:/sbin/nologin
uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
nobody:*:32767:39::0:0:Unprivileged user:/nonexistent:/sbin/nologin