HPE Community
Operating System - HP-UX
1844093 Members
2556 Online
110227 Solutions
New Discussion

Default accounts in /etc/passwd

 
KCS_1
Respected Contributor

‎08-27-2003 01:07 AM

‎08-27-2003 01:07 AM

Default accounts in /etc/passwd

Hi, Everyone!

I've read stuff and URL here that why need default accounts in /etc/passwd,however there wasn't the effect of the system when removed.

For example, when removed or # marked in front of them that sys, adm ,bin ,daemon ,uucp ,lp ,hpdb ,nobody ,www ,webadmin.

I am so wondering what will happen on it??
If, many services doesn't work, please let me know some example.

any helps will so much to be appriciated.

Best Regards :-)

- Pat

any effect?
Easy going at all.
0 Kudos
Reply
7 REPLIES 7
Bruno Vidal
Respected Contributor

‎08-27-2003 01:14 AM

‎08-27-2003 01:14 AM

Re: Default accounts in /etc/passwd

Hi,
I don't think it would be a good idea to remove this accounts, because lots of services will be unvailable. For example without lp user, the scheduler will be out. Without bin or sys, lots of command won't work: example uptime (because there is set uid bit on this bin user). It is the same with www and your apache/netscape server. For uucp, it is the uucp command (but for this one, you probably don't use it anymore). So without any good reason, don't remove this accounts.

Cheers.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎08-27-2003 01:16 AM

‎08-27-2003 01:16 AM

Re: Default accounts in /etc/passwd

Mess with these accounts and watch your system freak out.

They don't put them in for no reason.

I can't go down the line and explain what each one does, but the names are somewhat intuitive.

www is the usually the owner of the httpd server. If you aren't running one, you can get away with commenting it. Note that HP installs a httpd(web) server as a default in 11.11

bin is necessary to run the system as is sys and adm and daemon.

SEP
Wish I could sleep.
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Michael Tully
Honored Contributor

‎08-27-2003 02:04 AM

‎08-27-2003 02:04 AM

Re: Default accounts in /etc/passwd

Some of these are needed due to binary files being owned. The best sorce of information I've found on this is in the bastion white paper which can be found here.

http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/building_a_bastion_host.pdf
Anyone for a Mutiny ?
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎08-27-2003 02:11 AM

‎08-27-2003 02:11 AM

Re: Default accounts in /etc/passwd

Pat,

I would wonder what it is that you hope to gain by eliminating these accounts? They use occupy no measurable resources: cpu; memory; bandwidth. There may be some diskspace occupied under their uid, but in order for the functions they fulfill to work, that space will have to be occupied by some uid. You're not going to have an lp spooler without the lp account, nor ftp without the tftp account. The bin, sys, and adm accounts are, I suspect just to provide some sort of granularity in accountability rather than having everything running under root. Perhaps an "Intro to Unix" or "Unix History" sort of book might contain a more exact explanation of the various "system" accounts.

The one thing I would note is that most of these accounts are disabled - they can't be logged into, so if you're hoping to make your system more secure, you're not going to gain anything here. I might also mention that none of the HP security classes I've attended have mentioned anything about getting rid of these accounts.

I would suggest that you leave them and concentrate your efforts elsewhere.


Pete


Pete
0 Kudos
Reply
Cheryl Griffin
Honored Contributor

‎08-27-2003 03:49 AM

‎08-27-2003 03:49 AM

Re: Default accounts in /etc/passwd

adm - owns accounting files
bin - own executable files for most user commands
daemon - executes system server processes
uucp - unix-to-unix copy
lp - owns printing
hpdb - owns database files
nobody - used in NFS
www & webadmin - used for www processes

>>I am so wondering what will happen on it??
If, many services doesn't work, please let me know some example.>>
There's nothing like first hand experience. Try this on a test machine, not a production system.
"Downtime is a Crime."
0 Kudos
Reply
hein coulier
Frequent Advisor

‎08-27-2003 06:53 AM

‎08-27-2003 06:53 AM

Re: Default accounts in /etc/passwd

in my opinion it would be best to lock the default accounts or randomize their paswords.
0 Kudos
Reply
KCS_1
Respected Contributor

‎08-27-2003 05:12 PM

‎08-27-2003 05:12 PM

Re: Default accounts in /etc/passwd

Thanks so much Advanced.

anyway,

To Anybody

I need more much knowledges of basic UNIX system Theoroy,Concept,History etc.

Will you recommend some good books about that you have experienced reading?

Specially, Pete!


>>The bin, sys, and adm accounts are, I suspect just to provide some sort of granularity in accountability rather than having everything running under root. Perhaps an "Intro to Unix" or "Unix History" sort of book might contain a more exact explanation of the various "system" accounts. <<



Thanks again.





Easy going at all.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.