#
1.52 |
|
08-Oct-2021 |
nia |
Change the default shell of the "toor" user to /rescue/sh
toor is a backup account to be used in case of trouble.
When root's default shell was changed to from /bin/csh to /bin/sh, toor lost its purpose.
/rescue/sh is an ideal choice here because it's a static binary, while we've moved to dynamic linking for the rest of the system.
Discussed a few times over the years on tech-userlevel.
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base phil-wifi-20200421 phil-wifi-20200411 phil-wifi-20200406
|
#
1.51 |
|
02-Apr-2020 |
roy |
Add _dhcpcd user and group
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE is-mlppp-base netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base
|
#
1.50 |
|
09-Jan-2017 |
christos |
branches: 1.50.14; fix nsd home dir.
|
#
1.49 |
|
07-Jan-2017 |
christos |
add nsd
|
Revision tags: pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914
|
#
1.48 |
|
20-Aug-2016 |
christos |
unbound additions
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base tls-maxphys-base
|
#
1.47 |
|
09-Jul-2013 |
roy |
branches: 1.47.10; Add _rtadvd user and group. Add a chroot dir for the _rtadvd user. Drop privs to the user _rtadvd after acquiring our socket. When rc.d/rtadvd starts or reloads, the rtadvd config file is copied into the chroot before starting or reloading rtadvd itself. Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.46 |
|
25-Apr-2012 |
riz |
branches: 1.46.2; Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS.
Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
Revision tags: yamt-pagecache-base4 netbsd-6-base
|
#
1.45 |
|
28-Jan-2012 |
christos |
branches: 1.45.2; - add _tss user for tcsd, and needed directories for TrouSerS. This is all unused as of now because the trousers is not connected to the build yet.
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.44 |
|
05-Aug-2011 |
jmmv |
branches: 1.44.2; Rename the _atf user to _tests. The _atf name will get obsoleted if/when we migrate to Kyua (atf v2), so it's better to use a generic name that does not depend on the specific implementation. Also, this user has not gone out yet into any stable release, so we can easily rename it.
Suggested by jruoho@.
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.43 |
|
17-Dec-2010 |
jruoho |
Make tcpdump(8) to drop root privileges and chroot(2) by default.
|
#
1.42 |
|
07-Nov-2010 |
jmmv |
Add the _atf user and group to be able to run unprivileged tests automatically without having to manually tweak the 'unprivileged-user' setting. Suggested by pooka@.
|
Revision tags: matt-premerge-20091211
|
#
1.41 |
|
04-Oct-2009 |
christos |
mdnsd home should not be /var/www!
|
#
1.40 |
|
29-Sep-2009 |
tsarna |
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 mjf-devfs2-base2 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base mjf-devfs2-base keiichi-mipv6-base mjf-devfs-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.39 |
|
16-Oct-2007 |
tls |
Add httpd to the build. Add _httpd to passwd and groups and postinstall. Add /var/www to mtree, add example line to inetd.conf.
|
Revision tags: matt-mips64-base
|
#
1.38 |
|
18-Mar-2007 |
plunky |
branches: 1.38.4; For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.37 |
|
28-Jan-2007 |
cbiere |
Let timedc use the dedicated account "_timedc" for dropping privileges instead of abusing the account "nobody".
|
Revision tags: netbsd-4-0-RC2 netbsd-4-0-RC1 netbsd-4-base
|
#
1.36 |
|
12-Nov-2006 |
christos |
branches: 1.36.2; 1.36.4; goodbye uucp
|
#
1.35 |
|
08-Oct-2006 |
dogcow |
add all the proper fields to _proxy
|
#
1.34 |
|
07-Oct-2006 |
rpaulo |
PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks!
|
Revision tags: abandoned-netbsd-4-base
|
#
1.33 |
|
30-May-2006 |
christos |
Remove sendmail (approved by core)
|
#
1.32 |
|
12-Sep-2005 |
tsarna |
add _rwhod user (and group)
|
#
1.31 |
|
04-Apr-2005 |
peter |
Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4).
Approved by core.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-3-base netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.30 |
|
25-Jan-2003 |
soren |
branches: 1.30.6; Oops, didn't mean to remove toor (just yet).
|
#
1.29 |
|
25-Jan-2003 |
soren |
Consistently with previous such changes, make daemon's default group 1(daemon) rather than 31(guest). FreeBSD and OpenBSD have done the same thing.
|
Revision tags: fvdl_fs64_base
|
#
1.28 |
|
27-Oct-2002 |
christos |
make nobody's shell back /sbin/nologin. we'll use su -m for xdm.
|
#
1.27 |
|
27-Oct-2002 |
christos |
Don't make the shell of nobody /sbin/nologin. There are programs that expect to be executing su nobody -c 'command', such as xdm's Xwilling do this.
|
#
1.26 |
|
06-Jul-2002 |
tron |
Remove unused user and group "news" as discussed on "tech-userlevel".
|
#
1.25 |
|
05-Jun-2002 |
itojun |
uid/gid for sendmail 8.12.x. disallow chroot priv accounts from being used for ftp.
|
Revision tags: netbsd-1-6-PATCH002-RELEASE netbsd-1-6-PATCH002 netbsd-1-6-PATCH002-RC4 netbsd-1-6-PATCH002-RC3 netbsd-1-6-PATCH002-RC2 netbsd-1-6-PATCH002-RC1 netbsd-1-6-PATCH001 netbsd-1-6-PATCH001-RELEASE netbsd-1-6-PATCH001-RC3 netbsd-1-6-PATCH001-RC2 netbsd-1-6-PATCH001-RC1 netbsd-1-6-RELEASE netbsd-1-6-RC3 netbsd-1-6-RC2 netbsd-1-6-RC1 netbsd-1-6-base
|
#
1.24 |
|
20-May-2002 |
atatat |
tweak GECOS for games
|
#
1.23 |
|
20-May-2002 |
atatat |
tweak GECOS for postfix
|
#
1.22 |
|
17-May-2002 |
lukem |
fix ~sshd. tweak GECOS for named,ntpd,sshd
|
#
1.21 |
|
14-May-2002 |
itojun |
dig sshd uid/gid, and /var/empty, for sshd privilege separation
|
#
1.20 |
|
11-Oct-2001 |
lukem |
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
|
#
1.19 |
|
04-Mar-2001 |
lukem |
remove `falken' user; nothing depends upon it, it causes confusion about whether it's required or not, and by default it's useless anyway (because the one-hit-wonder joke with respect to its shell being /usr/games/wargames is moot unless you enable the account)
|
#
1.18 |
|
26-Feb-2001 |
lukem |
remove `ingres' user & group; we have never shipped with ingres in the base distribution, and packages that need a specific user & group can create it.
|
#
1.17 |
|
26-Feb-2001 |
lukem |
add named pseudo-user & group
|
Revision tags: netbsd-1-5-PATCH003 netbsd-1-5-PATCH002 netbsd-1-5-PATCH001 netbsd-1-5-RELEASE netbsd-1-5-BETA2 netbsd-1-5-BETA netbsd-1-4-PATCH003 netbsd-1-5-ALPHA2 netbsd-1-5-base minoura-xpg4dl-base netbsd-1-4-PATCH002 wrstuden-devbsize-19991221 wrstuden-devbsize-base comdex-fall-1999-base netbsd-1-4-PATCH001 netbsd-1-4-RELEASE netbsd-1-4-base
|
#
1.16 |
|
27-Mar-1999 |
abs |
If we have an 'operator' user, it should at least be gid operator.
|
#
1.15 |
|
27-Mar-1999 |
perry |
add postfix uid/gid, maildrop gid
|
#
1.14 |
|
25-Mar-1999 |
lukem |
change user `nobody's group from 9999 (non-existant) to 39 (group `nobody'). from Soren S. Jorvang <soren@t.dk> in [misc/6806]
|
#
1.13 |
|
17-Mar-1999 |
wrstuden |
toor is back, disabled by default as before.
|
#
1.12 |
|
16-Mar-1999 |
jonathan |
Revert to status quo ante (root's shell is csh, per BSD tradition), pending the proper procedures for making such a change.
|
#
1.11 |
|
15-Mar-1999 |
hubertf |
Give root a Bourne shell.
|
#
1.10 |
|
14-Mar-1999 |
abs |
It was just Plain Wrong to ship a password file that triggers /etc/security. Remove toor - if people want another root account, we'll assume they can copy and modify the root line.
|
Revision tags: netbsd-1-3-PATCH003 netbsd-1-3-PATCH003-CANDIDATE2 netbsd-1-3-PATCH003-CANDIDATE1 netbsd-1-3-PATCH003-CANDIDATE0 netbsd-1-3-PATCH002 netbsd-1-3-PATCH001 netbsd-1-3-RELEASE netbsd-1-3-BETA netbsd-1-3-base
|
#
1.9 |
|
19-Aug-1997 |
lukem |
As per [bin/1814] from Arne Juul <arnej@imf.unit.no>, and discussions with matt green <mrg@netbsd.org> (to shut up /etc/security) * set ingres account shell to /sbin/nologin * set ~daemon to / (not /root)
|
#
1.8 |
|
10-Jul-1997 |
mikel |
make toor's shell explicit to shut up /etc/security
|
#
1.7 |
|
15-Feb-1997 |
mikel |
cleanup Lite-1 merge
|
Revision tags: netbsd-1-2-PATCH001 netbsd-1-2-RELEASE netbsd-1-2-BETA netbsd-1-2-base netbsd-1-1-PATCH001 netbsd-1-1-RELEASE netbsd-1-1-base
|
#
1.6 |
|
03-Nov-1994 |
mycroft |
Correct the professor's name.
|
Revision tags: netbsd-1-0-PATCH06 netbsd-1-0-PATCH05 netbsd-1-0-PATCH04 netbsd-1-0-PATCH03 netbsd-1-0-PATCH02 netbsd-1-0-PATCH1 netbsd-1-0-PATCH0 netbsd-1-0-RELEASE netbsd-1-0-base
|
#
1.5 |
|
09-Feb-1994 |
cgd |
disable toor by default
|
#
1.4 |
|
09-Aug-1993 |
jtc |
uucp's shell, uucico, is in /usr/libexec/uucp (not /usr/lib/uucp).
|
Revision tags: netbsd-0-9-RELEASE netbsd-0-9-BETA netbsd-0-9-ALPHA2 netbsd-0-9-ALPHA netbsd-0-9-base
|
#
1.3 |
|
06-Jun-1993 |
cgd |
make root/operator group ids sane...
|
Revision tags: netbsd-0-8 netbsd-alpha-1
|
#
1.2 |
|
02-Apr-1993 |
cgd |
got rid of bill, lynne, ken, and dmr
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|
#
1.51 |
|
02-Apr-2020 |
roy |
Add _dhcpcd user and group
|
Revision tags: netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base
|
#
1.50 |
|
09-Jan-2017 |
christos |
fix nsd home dir.
|
#
1.49 |
|
07-Jan-2017 |
christos |
add nsd
|
Revision tags: pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914
|
#
1.48 |
|
20-Aug-2016 |
christos |
unbound additions
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base tls-maxphys-base
|
#
1.47 |
|
09-Jul-2013 |
roy |
branches: 1.47.10; Add _rtadvd user and group. Add a chroot dir for the _rtadvd user. Drop privs to the user _rtadvd after acquiring our socket. When rc.d/rtadvd starts or reloads, the rtadvd config file is copied into the chroot before starting or reloading rtadvd itself. Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.46 |
|
25-Apr-2012 |
riz |
branches: 1.46.2; Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS.
Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
Revision tags: yamt-pagecache-base4 netbsd-6-base
|
#
1.45 |
|
28-Jan-2012 |
christos |
branches: 1.45.2; - add _tss user for tcsd, and needed directories for TrouSerS. This is all unused as of now because the trousers is not connected to the build yet.
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.44 |
|
05-Aug-2011 |
jmmv |
branches: 1.44.2; Rename the _atf user to _tests. The _atf name will get obsoleted if/when we migrate to Kyua (atf v2), so it's better to use a generic name that does not depend on the specific implementation. Also, this user has not gone out yet into any stable release, so we can easily rename it.
Suggested by jruoho@.
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.43 |
|
17-Dec-2010 |
jruoho |
Make tcpdump(8) to drop root privileges and chroot(2) by default.
|
#
1.42 |
|
07-Nov-2010 |
jmmv |
Add the _atf user and group to be able to run unprivileged tests automatically without having to manually tweak the 'unprivileged-user' setting. Suggested by pooka@.
|
Revision tags: matt-premerge-20091211
|
#
1.41 |
|
04-Oct-2009 |
christos |
mdnsd home should not be /var/www!
|
#
1.40 |
|
29-Sep-2009 |
tsarna |
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 mjf-devfs2-base2 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base mjf-devfs2-base keiichi-mipv6-base mjf-devfs-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.39 |
|
16-Oct-2007 |
tls |
Add httpd to the build. Add _httpd to passwd and groups and postinstall. Add /var/www to mtree, add example line to inetd.conf.
|
Revision tags: matt-mips64-base
|
#
1.38 |
|
18-Mar-2007 |
plunky |
branches: 1.38.4; For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.37 |
|
28-Jan-2007 |
cbiere |
Let timedc use the dedicated account "_timedc" for dropping privileges instead of abusing the account "nobody".
|
Revision tags: netbsd-4-0-RC2 netbsd-4-0-RC1 netbsd-4-base
|
#
1.36 |
|
12-Nov-2006 |
christos |
branches: 1.36.2; 1.36.4; goodbye uucp
|
#
1.35 |
|
08-Oct-2006 |
dogcow |
add all the proper fields to _proxy
|
#
1.34 |
|
07-Oct-2006 |
rpaulo |
PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks!
|
Revision tags: abandoned-netbsd-4-base
|
#
1.33 |
|
30-May-2006 |
christos |
Remove sendmail (approved by core)
|
#
1.32 |
|
12-Sep-2005 |
tsarna |
add _rwhod user (and group)
|
#
1.31 |
|
04-Apr-2005 |
peter |
Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4).
Approved by core.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-3-base netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.30 |
|
25-Jan-2003 |
soren |
branches: 1.30.6; Oops, didn't mean to remove toor (just yet).
|
#
1.29 |
|
25-Jan-2003 |
soren |
Consistently with previous such changes, make daemon's default group 1(daemon) rather than 31(guest). FreeBSD and OpenBSD have done the same thing.
|
Revision tags: fvdl_fs64_base
|
#
1.28 |
|
27-Oct-2002 |
christos |
make nobody's shell back /sbin/nologin. we'll use su -m for xdm.
|
#
1.27 |
|
27-Oct-2002 |
christos |
Don't make the shell of nobody /sbin/nologin. There are programs that expect to be executing su nobody -c 'command', such as xdm's Xwilling do this.
|
#
1.26 |
|
06-Jul-2002 |
tron |
Remove unused user and group "news" as discussed on "tech-userlevel".
|
#
1.25 |
|
05-Jun-2002 |
itojun |
uid/gid for sendmail 8.12.x. disallow chroot priv accounts from being used for ftp.
|
Revision tags: netbsd-1-6-PATCH002-RELEASE netbsd-1-6-PATCH002 netbsd-1-6-PATCH002-RC4 netbsd-1-6-PATCH002-RC3 netbsd-1-6-PATCH002-RC2 netbsd-1-6-PATCH002-RC1 netbsd-1-6-PATCH001 netbsd-1-6-PATCH001-RELEASE netbsd-1-6-PATCH001-RC3 netbsd-1-6-PATCH001-RC2 netbsd-1-6-PATCH001-RC1 netbsd-1-6-RELEASE netbsd-1-6-RC3 netbsd-1-6-RC2 netbsd-1-6-RC1 netbsd-1-6-base
|
#
1.24 |
|
20-May-2002 |
atatat |
tweak GECOS for games
|
#
1.23 |
|
20-May-2002 |
atatat |
tweak GECOS for postfix
|
#
1.22 |
|
17-May-2002 |
lukem |
fix ~sshd. tweak GECOS for named,ntpd,sshd
|
#
1.21 |
|
14-May-2002 |
itojun |
dig sshd uid/gid, and /var/empty, for sshd privilege separation
|
#
1.20 |
|
11-Oct-2001 |
lukem |
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
|
#
1.19 |
|
04-Mar-2001 |
lukem |
remove `falken' user; nothing depends upon it, it causes confusion about whether it's required or not, and by default it's useless anyway (because the one-hit-wonder joke with respect to its shell being /usr/games/wargames is moot unless you enable the account)
|
#
1.18 |
|
26-Feb-2001 |
lukem |
remove `ingres' user & group; we have never shipped with ingres in the base distribution, and packages that need a specific user & group can create it.
|
#
1.17 |
|
26-Feb-2001 |
lukem |
add named pseudo-user & group
|
Revision tags: netbsd-1-5-PATCH003 netbsd-1-5-PATCH002 netbsd-1-5-PATCH001 netbsd-1-5-RELEASE netbsd-1-5-BETA2 netbsd-1-5-BETA netbsd-1-4-PATCH003 netbsd-1-5-ALPHA2 netbsd-1-5-base minoura-xpg4dl-base netbsd-1-4-PATCH002 wrstuden-devbsize-19991221 wrstuden-devbsize-base comdex-fall-1999-base netbsd-1-4-PATCH001 netbsd-1-4-RELEASE netbsd-1-4-base
|
#
1.16 |
|
27-Mar-1999 |
abs |
If we have an 'operator' user, it should at least be gid operator.
|
#
1.15 |
|
27-Mar-1999 |
perry |
add postfix uid/gid, maildrop gid
|
#
1.14 |
|
25-Mar-1999 |
lukem |
change user `nobody's group from 9999 (non-existant) to 39 (group `nobody'). from Soren S. Jorvang <soren@t.dk> in [misc/6806]
|
#
1.13 |
|
17-Mar-1999 |
wrstuden |
toor is back, disabled by default as before.
|
#
1.12 |
|
16-Mar-1999 |
jonathan |
Revert to status quo ante (root's shell is csh, per BSD tradition), pending the proper procedures for making such a change.
|
#
1.11 |
|
15-Mar-1999 |
hubertf |
Give root a Bourne shell.
|
#
1.10 |
|
14-Mar-1999 |
abs |
It was just Plain Wrong to ship a password file that triggers /etc/security. Remove toor - if people want another root account, we'll assume they can copy and modify the root line.
|
Revision tags: netbsd-1-3-PATCH003 netbsd-1-3-PATCH003-CANDIDATE2 netbsd-1-3-PATCH003-CANDIDATE1 netbsd-1-3-PATCH003-CANDIDATE0 netbsd-1-3-PATCH002 netbsd-1-3-PATCH001 netbsd-1-3-RELEASE netbsd-1-3-BETA netbsd-1-3-base
|
#
1.9 |
|
19-Aug-1997 |
lukem |
As per [bin/1814] from Arne Juul <arnej@imf.unit.no>, and discussions with matt green <mrg@netbsd.org> (to shut up /etc/security) * set ingres account shell to /sbin/nologin * set ~daemon to / (not /root)
|
#
1.8 |
|
10-Jul-1997 |
mikel |
make toor's shell explicit to shut up /etc/security
|
#
1.7 |
|
15-Feb-1997 |
mikel |
cleanup Lite-1 merge
|
Revision tags: netbsd-1-2-PATCH001 netbsd-1-2-RELEASE netbsd-1-2-BETA netbsd-1-2-base netbsd-1-1-PATCH001 netbsd-1-1-RELEASE netbsd-1-1-base
|
#
1.6 |
|
03-Nov-1994 |
mycroft |
Correct the professor's name.
|
Revision tags: netbsd-1-0-PATCH06 netbsd-1-0-PATCH05 netbsd-1-0-PATCH04 netbsd-1-0-PATCH03 netbsd-1-0-PATCH02 netbsd-1-0-PATCH1 netbsd-1-0-PATCH0 netbsd-1-0-RELEASE netbsd-1-0-base
|
#
1.5 |
|
09-Feb-1994 |
cgd |
disable toor by default
|
#
1.4 |
|
09-Aug-1993 |
jtc |
uucp's shell, uucico, is in /usr/libexec/uucp (not /usr/lib/uucp).
|
Revision tags: netbsd-0-9-RELEASE netbsd-0-9-BETA netbsd-0-9-ALPHA2 netbsd-0-9-ALPHA netbsd-0-9-base
|
#
1.3 |
|
06-Jun-1993 |
cgd |
make root/operator group ids sane...
|
Revision tags: netbsd-0-8 netbsd-alpha-1
|
#
1.2 |
|
02-Apr-1993 |
cgd |
got rid of bill, lynne, ken, and dmr
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|
#
1.50 |
|
09-Jan-2017 |
christos |
fix nsd home dir.
|
#
1.49 |
|
07-Jan-2017 |
christos |
add nsd
|
Revision tags: pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914
|
#
1.48 |
|
20-Aug-2016 |
christos |
unbound additions
|
Revision tags: netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base tls-maxphys-base
|
#
1.47 |
|
09-Jul-2013 |
roy |
Add _rtadvd user and group. Add a chroot dir for the _rtadvd user. Drop privs to the user _rtadvd after acquiring our socket. When rc.d/rtadvd starts or reloads, the rtadvd config file is copied into the chroot before starting or reloading rtadvd itself. Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.46 |
|
25-Apr-2012 |
riz |
branches: 1.46.2; Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS.
Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
Revision tags: yamt-pagecache-base4 netbsd-6-base
|
#
1.45 |
|
28-Jan-2012 |
christos |
branches: 1.45.2; - add _tss user for tcsd, and needed directories for TrouSerS. This is all unused as of now because the trousers is not connected to the build yet.
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.44 |
|
05-Aug-2011 |
jmmv |
branches: 1.44.2; Rename the _atf user to _tests. The _atf name will get obsoleted if/when we migrate to Kyua (atf v2), so it's better to use a generic name that does not depend on the specific implementation. Also, this user has not gone out yet into any stable release, so we can easily rename it.
Suggested by jruoho@.
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.43 |
|
17-Dec-2010 |
jruoho |
Make tcpdump(8) to drop root privileges and chroot(2) by default.
|
#
1.42 |
|
07-Nov-2010 |
jmmv |
Add the _atf user and group to be able to run unprivileged tests automatically without having to manually tweak the 'unprivileged-user' setting. Suggested by pooka@.
|
Revision tags: matt-premerge-20091211
|
#
1.41 |
|
04-Oct-2009 |
christos |
mdnsd home should not be /var/www!
|
#
1.40 |
|
29-Sep-2009 |
tsarna |
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 mjf-devfs2-base2 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base mjf-devfs2-base keiichi-mipv6-base mjf-devfs-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.39 |
|
16-Oct-2007 |
tls |
Add httpd to the build. Add _httpd to passwd and groups and postinstall. Add /var/www to mtree, add example line to inetd.conf.
|
Revision tags: matt-mips64-base
|
#
1.38 |
|
18-Mar-2007 |
plunky |
branches: 1.38.4; For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.37 |
|
28-Jan-2007 |
cbiere |
Let timedc use the dedicated account "_timedc" for dropping privileges instead of abusing the account "nobody".
|
Revision tags: netbsd-4-0-RC2 netbsd-4-0-RC1 netbsd-4-base
|
#
1.36 |
|
12-Nov-2006 |
christos |
branches: 1.36.2; 1.36.4; goodbye uucp
|
#
1.35 |
|
08-Oct-2006 |
dogcow |
add all the proper fields to _proxy
|
#
1.34 |
|
07-Oct-2006 |
rpaulo |
PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks!
|
Revision tags: abandoned-netbsd-4-base
|
#
1.33 |
|
30-May-2006 |
christos |
Remove sendmail (approved by core)
|
#
1.32 |
|
12-Sep-2005 |
tsarna |
add _rwhod user (and group)
|
#
1.31 |
|
04-Apr-2005 |
peter |
Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4).
Approved by core.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-3-base netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.30 |
|
25-Jan-2003 |
soren |
branches: 1.30.6; Oops, didn't mean to remove toor (just yet).
|
#
1.29 |
|
25-Jan-2003 |
soren |
Consistently with previous such changes, make daemon's default group 1(daemon) rather than 31(guest). FreeBSD and OpenBSD have done the same thing.
|
Revision tags: fvdl_fs64_base
|
#
1.28 |
|
27-Oct-2002 |
christos |
make nobody's shell back /sbin/nologin. we'll use su -m for xdm.
|
#
1.27 |
|
27-Oct-2002 |
christos |
Don't make the shell of nobody /sbin/nologin. There are programs that expect to be executing su nobody -c 'command', such as xdm's Xwilling do this.
|
#
1.26 |
|
06-Jul-2002 |
tron |
Remove unused user and group "news" as discussed on "tech-userlevel".
|
#
1.25 |
|
05-Jun-2002 |
itojun |
uid/gid for sendmail 8.12.x. disallow chroot priv accounts from being used for ftp.
|
Revision tags: netbsd-1-6-PATCH002-RELEASE netbsd-1-6-PATCH002 netbsd-1-6-PATCH002-RC4 netbsd-1-6-PATCH002-RC3 netbsd-1-6-PATCH002-RC2 netbsd-1-6-PATCH002-RC1 netbsd-1-6-PATCH001 netbsd-1-6-PATCH001-RELEASE netbsd-1-6-PATCH001-RC3 netbsd-1-6-PATCH001-RC2 netbsd-1-6-PATCH001-RC1 netbsd-1-6-RELEASE netbsd-1-6-RC3 netbsd-1-6-RC2 netbsd-1-6-RC1 netbsd-1-6-base
|
#
1.24 |
|
20-May-2002 |
atatat |
tweak GECOS for games
|
#
1.23 |
|
20-May-2002 |
atatat |
tweak GECOS for postfix
|
#
1.22 |
|
17-May-2002 |
lukem |
fix ~sshd. tweak GECOS for named,ntpd,sshd
|
#
1.21 |
|
14-May-2002 |
itojun |
dig sshd uid/gid, and /var/empty, for sshd privilege separation
|
#
1.20 |
|
11-Oct-2001 |
lukem |
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
|
#
1.19 |
|
04-Mar-2001 |
lukem |
remove `falken' user; nothing depends upon it, it causes confusion about whether it's required or not, and by default it's useless anyway (because the one-hit-wonder joke with respect to its shell being /usr/games/wargames is moot unless you enable the account)
|
#
1.18 |
|
26-Feb-2001 |
lukem |
remove `ingres' user & group; we have never shipped with ingres in the base distribution, and packages that need a specific user & group can create it.
|
#
1.17 |
|
26-Feb-2001 |
lukem |
add named pseudo-user & group
|
Revision tags: netbsd-1-5-PATCH003 netbsd-1-5-PATCH002 netbsd-1-5-PATCH001 netbsd-1-5-RELEASE netbsd-1-5-BETA2 netbsd-1-5-BETA netbsd-1-4-PATCH003 netbsd-1-5-ALPHA2 netbsd-1-5-base minoura-xpg4dl-base netbsd-1-4-PATCH002 wrstuden-devbsize-19991221 wrstuden-devbsize-base comdex-fall-1999-base netbsd-1-4-PATCH001 netbsd-1-4-RELEASE netbsd-1-4-base
|
#
1.16 |
|
27-Mar-1999 |
abs |
If we have an 'operator' user, it should at least be gid operator.
|
#
1.15 |
|
27-Mar-1999 |
perry |
add postfix uid/gid, maildrop gid
|
#
1.14 |
|
25-Mar-1999 |
lukem |
change user `nobody's group from 9999 (non-existant) to 39 (group `nobody'). from Soren S. Jorvang <soren@t.dk> in [misc/6806]
|
#
1.13 |
|
17-Mar-1999 |
wrstuden |
toor is back, disabled by default as before.
|
#
1.12 |
|
16-Mar-1999 |
jonathan |
Revert to status quo ante (root's shell is csh, per BSD tradition), pending the proper procedures for making such a change.
|
#
1.11 |
|
15-Mar-1999 |
hubertf |
Give root a Bourne shell.
|
#
1.10 |
|
14-Mar-1999 |
abs |
It was just Plain Wrong to ship a password file that triggers /etc/security. Remove toor - if people want another root account, we'll assume they can copy and modify the root line.
|
Revision tags: netbsd-1-3-PATCH003 netbsd-1-3-PATCH003-CANDIDATE2 netbsd-1-3-PATCH003-CANDIDATE1 netbsd-1-3-PATCH003-CANDIDATE0 netbsd-1-3-PATCH002 netbsd-1-3-PATCH001 netbsd-1-3-RELEASE netbsd-1-3-BETA netbsd-1-3-base
|
#
1.9 |
|
19-Aug-1997 |
lukem |
As per [bin/1814] from Arne Juul <arnej@imf.unit.no>, and discussions with matt green <mrg@netbsd.org> (to shut up /etc/security) * set ingres account shell to /sbin/nologin * set ~daemon to / (not /root)
|
#
1.8 |
|
10-Jul-1997 |
mikel |
make toor's shell explicit to shut up /etc/security
|
#
1.7 |
|
15-Feb-1997 |
mikel |
cleanup Lite-1 merge
|
Revision tags: netbsd-1-2-PATCH001 netbsd-1-2-RELEASE netbsd-1-2-BETA netbsd-1-2-base netbsd-1-1-PATCH001 netbsd-1-1-RELEASE netbsd-1-1-base
|
#
1.6 |
|
03-Nov-1994 |
mycroft |
Correct the professor's name.
|
Revision tags: netbsd-1-0-PATCH06 netbsd-1-0-PATCH05 netbsd-1-0-PATCH04 netbsd-1-0-PATCH03 netbsd-1-0-PATCH02 netbsd-1-0-PATCH1 netbsd-1-0-PATCH0 netbsd-1-0-RELEASE netbsd-1-0-base
|
#
1.5 |
|
09-Feb-1994 |
cgd |
disable toor by default
|
#
1.4 |
|
09-Aug-1993 |
jtc |
uucp's shell, uucico, is in /usr/libexec/uucp (not /usr/lib/uucp).
|
Revision tags: netbsd-0-9-RELEASE netbsd-0-9-BETA netbsd-0-9-ALPHA2 netbsd-0-9-ALPHA netbsd-0-9-base
|
#
1.3 |
|
06-Jun-1993 |
cgd |
make root/operator group ids sane...
|
Revision tags: netbsd-0-8 netbsd-alpha-1
|
#
1.2 |
|
02-Apr-1993 |
cgd |
got rid of bill, lynne, ken, and dmr
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914
|
#
1.48 |
|
20-Aug-2016 |
christos |
unbound additions
|
Revision tags: netbsd-7-0-2-RELEASE netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base tls-maxphys-base
|
#
1.47 |
|
09-Jul-2013 |
roy |
Add _rtadvd user and group. Add a chroot dir for the _rtadvd user. Drop privs to the user _rtadvd after acquiring our socket. When rc.d/rtadvd starts or reloads, the rtadvd config file is copied into the chroot before starting or reloading rtadvd itself. Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.46 |
|
25-Apr-2012 |
riz |
branches: 1.46.2; Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS.
Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
Revision tags: yamt-pagecache-base4 netbsd-6-base
|
#
1.45 |
|
27-Jan-2012 |
christos |
branches: 1.45.2; - add _tss user for tcsd, and needed directories for TrouSerS. This is all unused as of now because the trousers is not connected to the build yet.
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.44 |
|
05-Aug-2011 |
jmmv |
branches: 1.44.2; Rename the _atf user to _tests. The _atf name will get obsoleted if/when we migrate to Kyua (atf v2), so it's better to use a generic name that does not depend on the specific implementation. Also, this user has not gone out yet into any stable release, so we can easily rename it.
Suggested by jruoho@.
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.43 |
|
17-Dec-2010 |
jruoho |
Make tcpdump(8) to drop root privileges and chroot(2) by default.
|
#
1.42 |
|
07-Nov-2010 |
jmmv |
Add the _atf user and group to be able to run unprivileged tests automatically without having to manually tweak the 'unprivileged-user' setting. Suggested by pooka@.
|
Revision tags: matt-premerge-20091211
|
#
1.41 |
|
03-Oct-2009 |
christos |
mdnsd home should not be /var/www!
|
#
1.40 |
|
29-Sep-2009 |
tsarna |
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 mjf-devfs2-base2 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base mjf-devfs2-base keiichi-mipv6-base mjf-devfs-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.39 |
|
15-Oct-2007 |
tls |
Add httpd to the build. Add _httpd to passwd and groups and postinstall. Add /var/www to mtree, add example line to inetd.conf.
|
Revision tags: matt-mips64-base
|
#
1.38 |
|
18-Mar-2007 |
plunky |
branches: 1.38.4; For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.37 |
|
28-Jan-2007 |
cbiere |
Let timedc use the dedicated account "_timedc" for dropping privileges instead of abusing the account "nobody".
|
Revision tags: netbsd-4-0-RC2 netbsd-4-0-RC1 netbsd-4-base
|
#
1.36 |
|
11-Nov-2006 |
christos |
branches: 1.36.2; 1.36.4; goodbye uucp
|
#
1.35 |
|
07-Oct-2006 |
dogcow |
add all the proper fields to _proxy
|
#
1.34 |
|
07-Oct-2006 |
rpaulo |
PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks!
|
Revision tags: abandoned-netbsd-4-base
|
#
1.33 |
|
29-May-2006 |
christos |
Remove sendmail (approved by core)
|
#
1.32 |
|
12-Sep-2005 |
tsarna |
add _rwhod user (and group)
|
#
1.31 |
|
04-Apr-2005 |
peter |
Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4).
Approved by core.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-3-base netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.30 |
|
24-Jan-2003 |
soren |
branches: 1.30.6; Oops, didn't mean to remove toor (just yet).
|
#
1.29 |
|
24-Jan-2003 |
soren |
Consistently with previous such changes, make daemon's default group 1(daemon) rather than 31(guest). FreeBSD and OpenBSD have done the same thing.
|
Revision tags: fvdl_fs64_base
|
#
1.28 |
|
27-Oct-2002 |
christos |
make nobody's shell back /sbin/nologin. we'll use su -m for xdm.
|
#
1.27 |
|
26-Oct-2002 |
christos |
Don't make the shell of nobody /sbin/nologin. There are programs that expect to be executing su nobody -c 'command', such as xdm's Xwilling do this.
|
#
1.26 |
|
06-Jul-2002 |
tron |
Remove unused user and group "news" as discussed on "tech-userlevel".
|
#
1.25 |
|
05-Jun-2002 |
itojun |
uid/gid for sendmail 8.12.x. disallow chroot priv accounts from being used for ftp.
|
Revision tags: netbsd-1-6-PATCH002-RELEASE netbsd-1-6-PATCH002 netbsd-1-6-PATCH002-RC4 netbsd-1-6-PATCH002-RC3 netbsd-1-6-PATCH002-RC2 netbsd-1-6-PATCH002-RC1 netbsd-1-6-PATCH001 netbsd-1-6-PATCH001-RELEASE netbsd-1-6-PATCH001-RC3 netbsd-1-6-PATCH001-RC2 netbsd-1-6-PATCH001-RC1 netbsd-1-6-RELEASE netbsd-1-6-RC3 netbsd-1-6-RC2 netbsd-1-6-RC1 netbsd-1-6-base
|
#
1.24 |
|
20-May-2002 |
atatat |
tweak GECOS for games
|
#
1.23 |
|
20-May-2002 |
atatat |
tweak GECOS for postfix
|
#
1.22 |
|
16-May-2002 |
lukem |
fix ~sshd. tweak GECOS for named,ntpd,sshd
|
#
1.21 |
|
14-May-2002 |
itojun |
dig sshd uid/gid, and /var/empty, for sshd privilege separation
|
#
1.20 |
|
11-Oct-2001 |
lukem |
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
|
#
1.19 |
|
03-Mar-2001 |
lukem |
remove `falken' user; nothing depends upon it, it causes confusion about whether it's required or not, and by default it's useless anyway (because the one-hit-wonder joke with respect to its shell being /usr/games/wargames is moot unless you enable the account)
|
#
1.18 |
|
26-Feb-2001 |
lukem |
remove `ingres' user & group; we have never shipped with ingres in the base distribution, and packages that need a specific user & group can create it.
|
#
1.17 |
|
25-Feb-2001 |
lukem |
add named pseudo-user & group
|
Revision tags: netbsd-1-5-PATCH003 netbsd-1-5-PATCH002 netbsd-1-5-PATCH001 netbsd-1-5-RELEASE netbsd-1-5-BETA2 netbsd-1-5-BETA netbsd-1-4-PATCH003 netbsd-1-5-ALPHA2 netbsd-1-5-base minoura-xpg4dl-base netbsd-1-4-PATCH002 wrstuden-devbsize-19991221 wrstuden-devbsize-base comdex-fall-1999-base netbsd-1-4-PATCH001 netbsd-1-4-RELEASE netbsd-1-4-base
|
#
1.16 |
|
26-Mar-1999 |
abs |
If we have an 'operator' user, it should at least be gid operator.
|
#
1.15 |
|
26-Mar-1999 |
perry |
add postfix uid/gid, maildrop gid
|
#
1.14 |
|
25-Mar-1999 |
lukem |
change user `nobody's group from 9999 (non-existant) to 39 (group `nobody'). from Soren S. Jorvang <soren@t.dk> in [misc/6806]
|
#
1.13 |
|
16-Mar-1999 |
wrstuden |
toor is back, disabled by default as before.
|
#
1.12 |
|
16-Mar-1999 |
jonathan |
Revert to status quo ante (root's shell is csh, per BSD tradition), pending the proper procedures for making such a change.
|
#
1.11 |
|
15-Mar-1999 |
hubertf |
Give root a Bourne shell.
|
#
1.10 |
|
14-Mar-1999 |
abs |
It was just Plain Wrong to ship a password file that triggers /etc/security. Remove toor - if people want another root account, we'll assume they can copy and modify the root line.
|
Revision tags: netbsd-1-3-PATCH003 netbsd-1-3-PATCH003-CANDIDATE2 netbsd-1-3-PATCH003-CANDIDATE1 netbsd-1-3-PATCH003-CANDIDATE0 netbsd-1-3-PATCH002 netbsd-1-3-PATCH001 netbsd-1-3-RELEASE netbsd-1-3-BETA netbsd-1-3-base
|
#
1.9 |
|
19-Aug-1997 |
lukem |
As per [bin/1814] from Arne Juul <arnej@imf.unit.no>, and discussions with matt green <mrg@netbsd.org> (to shut up /etc/security) * set ingres account shell to /sbin/nologin * set ~daemon to / (not /root)
|
#
1.8 |
|
10-Jul-1997 |
mikel |
make toor's shell explicit to shut up /etc/security
|
#
1.7 |
|
15-Feb-1997 |
mikel |
cleanup Lite-1 merge
|
Revision tags: netbsd-1-2-PATCH001 netbsd-1-2-RELEASE netbsd-1-2-BETA netbsd-1-2-base netbsd-1-1-PATCH001 netbsd-1-1-RELEASE netbsd-1-1-base
|
#
1.6 |
|
03-Nov-1994 |
mycroft |
Correct the professor's name.
|
Revision tags: netbsd-1-0-PATCH06 netbsd-1-0-PATCH05 netbsd-1-0-PATCH04 netbsd-1-0-PATCH03 netbsd-1-0-PATCH02 netbsd-1-0-PATCH1 netbsd-1-0-PATCH0 netbsd-1-0-RELEASE netbsd-1-0-base
|
#
1.5 |
|
08-Feb-1994 |
cgd |
disable toor by default
|
#
1.4 |
|
09-Aug-1993 |
jtc |
uucp's shell, uucico, is in /usr/libexec/uucp (not /usr/lib/uucp).
|
Revision tags: netbsd-0-9-RELEASE netbsd-0-9-BETA netbsd-0-9-ALPHA2 netbsd-0-9-ALPHA netbsd-0-9-base
|
#
1.3 |
|
05-Jun-1993 |
cgd |
make root/operator group ids sane...
|
Revision tags: netbsd-0-8 netbsd-alpha-1
|
#
1.2 |
|
02-Apr-1993 |
cgd |
got rid of bill, lynne, ken, and dmr
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|
#
1.47 |
|
09-Jul-2013 |
roy |
Add _rtadvd user and group. Add a chroot dir for the _rtadvd user. Drop privs to the user _rtadvd after acquiring our socket. When rc.d/rtadvd starts or reloads, the rtadvd config file is copied into the chroot before starting or reloading rtadvd itself. Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
|
#
1.46 |
|
24-Apr-2012 |
riz |
branches: 1.46.2; Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS.
Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
#
1.45 |
|
27-Jan-2012 |
christos |
branches: 1.45.2; - add _tss user for tcsd, and needed directories for TrouSerS. This is all unused as of now because the trousers is not connected to the build yet.
|
#
1.44 |
|
05-Aug-2011 |
jmmv |
branches: 1.44.2; Rename the _atf user to _tests. The _atf name will get obsoleted if/when we migrate to Kyua (atf v2), so it's better to use a generic name that does not depend on the specific implementation. Also, this user has not gone out yet into any stable release, so we can easily rename it.
Suggested by jruoho@.
|
#
1.43 |
|
17-Dec-2010 |
jruoho |
Make tcpdump(8) to drop root privileges and chroot(2) by default.
|
#
1.42 |
|
06-Nov-2010 |
jmmv |
Add the _atf user and group to be able to run unprivileged tests automatically without having to manually tweak the 'unprivileged-user' setting. Suggested by pooka@.
|
#
1.41 |
|
03-Oct-2009 |
christos |
mdnsd home should not be /var/www!
|
#
1.40 |
|
29-Sep-2009 |
tsarna |
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
|
#
1.39 |
|
15-Oct-2007 |
tls |
Add httpd to the build. Add _httpd to passwd and groups and postinstall. Add /var/www to mtree, add example line to inetd.conf.
|
#
1.38 |
|
18-Mar-2007 |
plunky |
branches: 1.38.4; For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.37 |
|
28-Jan-2007 |
cbiere |
Let timedc use the dedicated account "_timedc" for dropping privileges instead of abusing the account "nobody".
|
#
1.36 |
|
11-Nov-2006 |
christos |
branches: 1.36.2; 1.36.4; goodbye uucp
|
#
1.35 |
|
07-Oct-2006 |
dogcow |
add all the proper fields to _proxy
|
#
1.34 |
|
07-Oct-2006 |
rpaulo |
PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks!
|
#
1.33 |
|
29-May-2006 |
christos |
Remove sendmail (approved by core)
|
#
1.32 |
|
11-Sep-2005 |
tsarna |
add _rwhod user (and group)
|
#
1.31 |
|
04-Apr-2005 |
peter |
Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4).
Approved by core.
|
#
1.30 |
|
24-Jan-2003 |
soren |
branches: 1.30.6; Oops, didn't mean to remove toor (just yet).
|
#
1.29 |
|
24-Jan-2003 |
soren |
Consistently with previous such changes, make daemon's default group 1(daemon) rather than 31(guest). FreeBSD and OpenBSD have done the same thing.
|
#
1.28 |
|
27-Oct-2002 |
christos |
make nobody's shell back /sbin/nologin. we'll use su -m for xdm.
|
#
1.27 |
|
26-Oct-2002 |
christos |
Don't make the shell of nobody /sbin/nologin. There are programs that expect to be executing su nobody -c 'command', such as xdm's Xwilling do this.
|
#
1.26 |
|
06-Jul-2002 |
tron |
Remove unused user and group "news" as discussed on "tech-userlevel".
|
#
1.25 |
|
05-Jun-2002 |
itojun |
uid/gid for sendmail 8.12.x. disallow chroot priv accounts from being used for ftp.
|
#
1.24 |
|
20-May-2002 |
atatat |
tweak GECOS for games
|
#
1.23 |
|
20-May-2002 |
atatat |
tweak GECOS for postfix
|
#
1.22 |
|
16-May-2002 |
lukem |
fix ~sshd. tweak GECOS for named,ntpd,sshd
|
#
1.21 |
|
14-May-2002 |
itojun |
dig sshd uid/gid, and /var/empty, for sshd privilege separation
|
#
1.20 |
|
11-Oct-2001 |
lukem |
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
|
#
1.19 |
|
03-Mar-2001 |
lukem |
remove `falken' user; nothing depends upon it, it causes confusion about whether it's required or not, and by default it's useless anyway (because the one-hit-wonder joke with respect to its shell being /usr/games/wargames is moot unless you enable the account)
|
#
1.18 |
|
25-Feb-2001 |
lukem |
remove `ingres' user & group; we have never shipped with ingres in the base distribution, and packages that need a specific user & group can create it.
|
#
1.17 |
|
25-Feb-2001 |
lukem |
add named pseudo-user & group
|
#
1.16 |
|
26-Mar-1999 |
abs |
If we have an 'operator' user, it should at least be gid operator.
|
#
1.15 |
|
26-Mar-1999 |
perry |
add postfix uid/gid, maildrop gid
|
#
1.14 |
|
25-Mar-1999 |
lukem |
change user `nobody's group from 9999 (non-existant) to 39 (group `nobody'). from Soren S. Jorvang <soren@t.dk> in [misc/6806]
|
#
1.13 |
|
16-Mar-1999 |
wrstuden |
toor is back, disabled by default as before.
|
#
1.12 |
|
16-Mar-1999 |
jonathan |
Revert to status quo ante (root's shell is csh, per BSD tradition), pending the proper procedures for making such a change.
|
#
1.11 |
|
15-Mar-1999 |
hubertf |
Give root a Bourne shell.
|
#
1.10 |
|
14-Mar-1999 |
abs |
It was just Plain Wrong to ship a password file that triggers /etc/security. Remove toor - if people want another root account, we'll assume they can copy and modify the root line.
|
#
1.9 |
|
19-Aug-1997 |
lukem |
As per [bin/1814] from Arne Juul <arnej@imf.unit.no>, and discussions with matt green <mrg@netbsd.org> (to shut up /etc/security) * set ingres account shell to /sbin/nologin * set ~daemon to / (not /root)
|
#
1.8 |
|
10-Jul-1997 |
mikel |
make toor's shell explicit to shut up /etc/security
|
#
1.7 |
|
15-Feb-1997 |
mikel |
cleanup Lite-1 merge
|
#
1.6 |
|
03-Nov-1994 |
mycroft |
Correct the professor's name.
|
#
1.5 |
|
08-Feb-1994 |
cgd |
disable toor by default
|
#
1.4 |
|
09-Aug-1993 |
jtc |
uucp's shell, uucico, is in /usr/libexec/uucp (not /usr/lib/uucp).
|
#
1.3 |
|
05-Jun-1993 |
cgd |
make root/operator group ids sane...
|
#
1.2 |
|
02-Apr-1993 |
cgd |
got rid of bill, lynne, ken, and dmr
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|
#
1.1.1.3 |
|
25-Feb-1997 |
mikel |
import 4.4BSD-Lite2
|
#
1.1.1.2 |
|
14-Feb-1997 |
mikel |
import 4.4BSD-Lite
|
#
1.1.1.1 |
|
21-Mar-1993 |
cgd |
initial import of 386bsd-0.1 sources
|
#
1.30.6.2 |
|
22-Feb-2008 |
bouyer |
Pull up following revision(s) (requested by jnemeth in ticket #1898): etc/master.passwd: revision 1.34, 1.35 via patch etc/group: revision 1.20 dist/pf/libexec/ftp-proxy/ftp-proxy.c: revision 1.12 via patch distrib/notes/common/main: patch PR 30870: Add user ``_proxy'' and make pf's ftp-proxy use it. Initial patch by rivo nurges, thanks! add all the proper fields to _proxy
|
#
1.30.6.1 |
|
13-Apr-2005 |
tron |
Pull up revision 1.31 (requested by peter in ticket #134): Add the _pflogd user which will be used by pflogd(8), the logging daemon for pf(4). Approved by core.
|
#
1.36.4.1 |
|
28-Oct-2007 |
wrstuden |
Catch up with 4.0 RC3
|
#
1.36.2.1 |
|
13-Oct-2007 |
riz |
Pull up following revision(s) (requested by xtraeme in ticket #930): etc/group: revision 1.22 etc/defaults/rc.conf: revision 1.85 etc/master.passwd: revision 1.38 usr.sbin/sdpd/sdpd.8: revision 1.2 usr.sbin/sdpd/sdpd.8: revision 1.3 share/man/man5/rc.conf.5: revision 1.113 etc/rc.d/sdpd: revision 1.2 usr.sbin/sdpd/server.c: revision 1.3 usr.sbin/postinstall/postinstall: revision 1.38 usr.sbin/sdpd/server.h: revision 1.2 usr.sbin/sdpd/main.c: revision 1.2 usr.sbin/sdpd/main.c: revision 1.3 Add an option to permit members of a specific group to register services, in order to lower the barrier for users of bluetooth devices which may need to query services on the local host. change default user/group from nobody/nobody to _sdpd/_sdpd
|
#
1.38.4.1 |
|
06-Nov-2007 |
matt |
sync with HEAD
|
#
1.44.2.3 |
|
22-May-2014 |
yamt |
sync with head.
for a reference, the tree before this commit was tagged as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments")
|
#
1.44.2.2 |
|
23-May-2012 |
yamt |
sync with head.
|
#
1.44.2.1 |
|
16-Apr-2012 |
yamt |
sync with head
|
#
1.45.2.1 |
|
20-Jul-2012 |
riz |
Pull up following revision(s) (requested by gson in ticket #426): etc/master.passwd: revision 1.46 Change root's default shell to /bin/sh, to provide a default which has command line editing, tab completion, and other features users have come to expect from a modern OS. Discussed on current-users approximately two weeks ago. Should be pulled up for NetBSD 6.0.
|
#
1.46.2.1 |
|
19-Aug-2014 |
tls |
Rebase to HEAD as of a few days ago.
|