HPE Community
Operating System - HP-UX
1753912 Members
8696 Online
108810 Solutions
New Discussion

Re: user list in SAM

 
SOLVED
Go to solution
Fauziah Mahdan
Super Advisor

‎06-07-2005 01:18 PM

‎06-07-2005 01:18 PM

user list in SAM

Hi all where can I find any doc related to the list of user in SAM, like who is the user, the function and the purpose to create esp default one. E.g bin,daemon,hpdb,lp,,nuucp,uucp,www and etc

Thanks
0 Kudos
Reply
5 REPLIES 5
Paul_481
Respected Contributor

‎06-07-2005 02:09 PM

‎06-07-2005 02:09 PM

Solution

Re: user list in SAM

Hi Fauziah,

These users are pseudo and special accounts that is used by subsystem.

FROM MANAGING STANDARDS AND PASSWORDS

http://docs.hp.com/en/5990-8172/ch08s03.html#bjeieaae

By tradition, the /etc/passwd file contains numerous â pseudo-accountsâ â entries not associated with individual users and which do not have true interactive login shells.

Some of these entries, such as date, who, sync, and tty, evolved strictly for user convenience, providing commands that could be executed without logging in. To tighten security, they have been eliminated in the distributed /etc/passwd so that these programs can be run only by a user who is logged in.

Other such entries remain in /etc/passwd because they are owners of files. Programs with owners such as adm, bin, daemon, hpdb, lp, and uucp encompass entire subsystems, and represent a special case. Since they grant access to files they protect or use, these programs must be allowed to function as pseudo-accounts, with entries listed in /etc/passwd. The customary pseudo- and special accounts are shown in Figure 8-1, â Pseudo- and Special System Accountsâ .
Reply
Joseph Loo
Honored Contributor

‎06-07-2005 02:32 PM

‎06-07-2005 02:32 PM

Re: user list in SAM

hi,

some threads on these users, just in case u r ask by auditor for the function of these users:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=142049

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=232066

also, do not delete them.

regards.
what you do not see does not mean you should not believe
0 Kudos
Reply
vinod_25
Valued Contributor

‎06-17-2005 09:24 PM

‎06-17-2005 09:24 PM

Re: user list in SAM

hi Fauz...

dont ever delete these users...

as these are the default users of unix ...

and users cannot login with any of these usernames ( root or rootequiv can login by changing the passwd).. ... so dont panic!

Regards

Vinod k
Reply
Mel Burslan
Honored Contributor

‎06-18-2005 06:37 AM

‎06-18-2005 06:37 AM

Re: user list in SAM

well, I have to disagree with "don't delete those users" comment here. Yeah, you do not go in and delete them all but if your server is not going to use some sort of web server or app server, you do not need www account. Heck even if you are going to run it but run it under a predefined user, you will not need this account. Another candidate for deletion is hpdb account. Even some hp engineers I talked to, does not remember what it used to be used for anymore. Most probably it was something related to hp's old database, allbase, but do you use it ? I sure don't. So, why do I need it as a sore point when I get SOX audited.

So my suggestion is sysadm of each system needs to decide if they have any use for any of these accounts and delete the ones he/she needs on his/her own discretion.

to see if a user has any files/directories associated by this username, run the command:

find / -user $USERNAME

(do it when your system has very low utilization, as this will hammer your disks pretty bad)

and see if it lists anything. If it does, decide if these files are used for anything related to the purpose of this server. For instance, if you are going to run a very specific application on your server and you get an apache web server installed with user id www, do you really want it there, as a security threat ?

This issue is more political than technical. So, every data center should make their own decisions about which of the default users they get handed upon a fresh system installation they want to delete and which ones to keep.

Hope this helps.
________________________________
UNIX because I majored in cryptology...
Reply
Fauziah Mahdan
Super Advisor

‎06-24-2005 03:00 PM

‎06-24-2005 03:00 PM

Re: user list in SAM

Hi all,
thanks for the reply. Sorry late, I attend SNA1 course at HP education Centre Malaysia. Did ask the same question too. I am doing the doc of all my hp-ux servers that's why need the info.....will refer to the link...

Thanks
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.