#
1.99 |
|
19-Jun-2023 |
deraadt |
The group "operator" gatekeeps a few superuser abilities (dumping disks, manipulating tape drives -> means gid operator on device nodes). This group is also used with group-access bit on the setuid-root shutdown command (mode ug+x,u+s). Some people use this to shutdown/reboot their machines, but use of that group is giving them disk read access also, which is wrong. It would be a pain to re-gid all the device nodes, so instead let's renumber the operator execution gid into group "_shutdown". Users using this shutdown/reboot functionality will notice it no longer works, and move themselves to the correct group. Various choices discussed at large, this seems our best choice. ok sthen
|
Revision tags: OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.98 |
|
23-Aug-2022 |
martijn |
(Re)add support for agentx in snmpd Current omissions in protocol support are notifications, index (de)allocation, and agent capabilities.
Help testing sthen@ Feedback/tweaks/OK jmatthew@
|
#
1.97 |
|
28-Jun-2022 |
claudio |
Add missing colon. Noticed by jmc@
|
#
1.96 |
|
28-Jun-2022 |
claudio |
Hook up bgplgd. Uses _bgplgd user with id 71:71 add a rc.d script and all the other rc plumbing. OK deraadt@
|
#
1.95 |
|
21-Apr-2022 |
danj |
Remove _switchd user/group/alias
ok millert deraadt
switchd(8) was removed back in November. Commit message was:
Retire switchd and switchctl. While interesting they never managed to really get into a usable state. The OpenFlow API is mostly superseeded by P4 and so this is a bit of a dead end.
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.94 |
|
28-Jan-2020 |
naddy |
sort
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.98 |
|
23-Aug-2022 |
martijn |
(Re)add support for agentx in snmpd Current omissions in protocol support are notifications, index (de)allocation, and agent capabilities.
Help testing sthen@ Feedback/tweaks/OK jmatthew@
|
#
1.97 |
|
28-Jun-2022 |
claudio |
Add missing colon. Noticed by jmc@
|
#
1.96 |
|
28-Jun-2022 |
claudio |
Hook up bgplgd. Uses _bgplgd user with id 71:71 add a rc.d script and all the other rc plumbing. OK deraadt@
|
#
1.95 |
|
21-Apr-2022 |
danj |
Remove _switchd user/group/alias
ok millert deraadt
switchd(8) was removed back in November. Commit message was:
Retire switchd and switchctl. While interesting they never managed to really get into a usable state. The OpenFlow API is mostly superseeded by P4 and so this is a bit of a dead end.
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.94 |
|
28-Jan-2020 |
naddy |
sort
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.97 |
|
28-Jun-2022 |
claudio |
Add missing colon. Noticed by jmc@
|
#
1.96 |
|
28-Jun-2022 |
claudio |
Hook up bgplgd. Uses _bgplgd user with id 71:71 add a rc.d script and all the other rc plumbing. OK deraadt@
|
#
1.95 |
|
21-Apr-2022 |
danj |
Remove _switchd user/group/alias
ok millert deraadt
switchd(8) was removed back in November. Commit message was:
Retire switchd and switchctl. While interesting they never managed to really get into a usable state. The OpenFlow API is mostly superseeded by P4 and so this is a bit of a dead end.
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.94 |
|
28-Jan-2020 |
naddy |
sort
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.95 |
|
21-Apr-2022 |
danj |
Remove _switchd user/group/alias
ok millert deraadt
switchd(8) was removed back in November. Commit message was:
Retire switchd and switchctl. While interesting they never managed to really get into a usable state. The OpenFlow API is mostly superseeded by P4 and so this is a bit of a dead end.
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.94 |
|
28-Jan-2020 |
naddy |
sort
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.94 |
|
28-Jan-2020 |
naddy |
sort
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.93 |
|
24-Jan-2020 |
tedu |
retire rebound etc bits to the attic
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.92 |
|
14-Nov-2019 |
deraadt |
uid/gid 70 is _rpki-client for privdrop; ok benno
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.91 |
|
26-Jan-2019 |
florian |
add _unwind user; OK deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.90 |
|
23-Jul-2018 |
florian |
Remove rtadvd(8) leftovers in etc. OK deraadt, phessler
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.89 |
|
12-Jul-2018 |
florian |
Add _rad user and group for rad(8). This recycles the _btd uid/gid that have been removed in 2013. Discussed in the hackroom.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.88 |
|
18-Mar-2017 |
florian |
add user for slaacd(8)
|
#
1.87 |
|
19-Jan-2017 |
ajacoutot |
Add the _syspatch user/group: an unprivileged user for syspatch(8) used to fetch and verify patches.
discussed with deraadt@ rpe@ ok deraadt@
|
#
1.86 |
|
27-Dec-2016 |
jca |
Remove user uucp and group news from base.
|
#
1.85 |
|
15-Nov-2016 |
tb |
Introduce the build user and the wobj group that will soon be used as defaults for building the system from source.
ok deraadt
|
#
1.84 |
|
07-Oct-2016 |
deraadt |
use better uid/gid for _switchd
|
#
1.83 |
|
06-Oct-2016 |
reyk |
Add _switchd
|
#
1.82 |
|
27-Sep-2016 |
florian |
Add unprivileged user for traceroute. Input deraadt@ OK benno@, sthen@
|
#
1.81 |
|
26-Sep-2016 |
florian |
Add _ping user/group. OK natano on a previous diff which used a different uid/gid. naddy@ pointed out that uid/gid was already taken on "important" systems. Turns out we cannot easily recycle freed up uids/gids so settle on 51.
|
#
1.80 |
|
13-Sep-2016 |
deraadt |
proxy uid/gid was split up for seperate purposes; it can go away now.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.79 |
|
05-Mar-2016 |
espie |
add proper entries for pkg_add privsep, instead of piggy-backing on _pfetch which was a "better than nothing" measure for 5.9.
Another user to come. Approved by deraadt@ on principle.
thanks sthen@ for checking my lines over.
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.78 |
|
16-Dec-2015 |
ratchov |
Add _sndiop user and group for (future) privileged sndiod process.
ok deraadt
|
#
1.77 |
|
01-Dec-2015 |
deraadt |
create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back
|
#
1.76 |
|
09-Nov-2015 |
mlarkin |
Add user "_vmd" for forthcoming vmd daemon
ok deraadt@
|
#
1.75 |
|
15-Oct-2015 |
tedu |
_rebound user and group (52)
|
#
1.74 |
|
04-Oct-2015 |
deraadt |
add _eigrpd user/group
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.73 |
|
21-Jul-2015 |
yasuoka |
Add _radius to etc/master.passwd and etc/group for coming radiusd.
ok deraadt
|
#
1.72 |
|
17-Jul-2015 |
sthen |
Add _dpb, _pbuild, _pfetch users to make it easier for people doing dpb multi-user builds. Discussed with espie, ajacoutot, ok deraadt
|
#
1.71 |
|
27-Apr-2015 |
nicm |
Add a _file user and use for privsep, ok deraadt
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.70 |
|
17-Oct-2014 |
ajacoutot |
Drop the _lkm group.
ok dcoppa@ deraadt@
|
#
1.69 |
|
20-Sep-2014 |
ajacoutot |
Drop smmsp group and alias.
ok matthieu@ miod@
|
#
1.68 |
|
22-Aug-2014 |
deraadt |
disable use of bind in base; in the base use nsd/unbound instead. a proper & complete bind port will show up. discussed with many for years
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.67 |
|
27-Apr-2014 |
yasuoka |
Get back "_ppp" user and "_ppp" group. From now they will be solely used by npppd.
ok deraadt
|
#
1.66 |
|
17-Mar-2014 |
deraadt |
_ppp uid/gid will come up for recycling (but please not within a year)
|
#
1.65 |
|
15-Mar-2014 |
sthen |
Enable Unbound in base, ok deraadt@
|
#
1.64 |
|
13-Mar-2014 |
tedu |
smtpd dudes forgot to add their _smtpq user
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.63 |
|
15-Dec-2013 |
tedu |
remove popa3d etc tendrils
|
#
1.62 |
|
19-Aug-2013 |
ajacoutot |
Remove the following users which became obsolete: * _afs: arla/nnpfs got disabled then removed long ago * _kdc, _kadmin: these were added 10 years ago but never used for anything afaict
ok dcoppa@ beck@
|
#
1.61 |
|
09-Aug-2013 |
ajacoutot |
Remove all references to btd and the corresponding _btd user and group.
ok sthen@ deraadt@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.60 |
|
12-Oct-2012 |
dcoppa |
Add the _iscsid user, required by iscsid
OK claudio@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.59 |
|
03-Jun-2010 |
reyk |
Add a new _iked user with uid 101 instead of (ab)using the _isakmpd user.
ok deraadt@
|
#
1.58 |
|
03-Jun-2010 |
martinh |
enable ldapd and ldapctl in the build
ok deraadt@
|
#
1.57 |
|
22-Apr-2010 |
ratchov |
Allow multiple users to share the same aucat server. If aucat is run by root, it binds a shared address to the socket, cranks the process priority and drops privileges. sio_open(3) will try to connect to the private socket first (if any), then to the shared socket. Only one user may have connections to aucat at a given time.
based on discussions with henning, pyr and others ok jacek, deraadt
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
22-Feb-2010 |
claudio |
Add _ldpd user for ldpd(8). OK dlg, deraadt
|
#
1.55 |
|
16-Jan-2010 |
jakob |
add user/group for nsd; ok nick@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.54 |
|
20-May-2009 |
thib |
add a group _rwalld too
|
#
1.53 |
|
04-Mar-2009 |
gilles |
add user and group for smtpd discussed with pyr@ and deraadt@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.52 |
|
25-Nov-2008 |
fkr |
add user '_btd' for the bluetooth daemon. discussed with and ok uwe@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.51 |
|
26-Jun-2008 |
pyr |
add user and group needed for ypldap.
|
#
1.50 |
|
09-Jun-2008 |
rainer |
drop root privileges in rtadvd to _rtadvd
ok deraadt@, reyk@, pyr@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.49 |
|
31-Jan-2008 |
reyk |
enable snmpd in the build
approved by deraadt@, ok thib@
|
#
1.48 |
|
07-Dec-2007 |
deraadt |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.47 |
|
08-Oct-2007 |
norby |
Add the user _ospf6d otherwise the newly imported ospf6d daemon will not start.
ok dlg@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.46 |
|
31-Jan-2007 |
pyr |
link hoststated to the builds. ok miod@, henning@
|
#
1.45 |
|
29-Oct-2006 |
norby |
Add the _ripd user and startup stuff.
ok claudio@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.44 |
|
01-Jun-2006 |
norby |
add all the goo to hook dvmrp into the system
ok derradt@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.43 |
|
13-Apr-2005 |
henning |
say hi to _hostapd
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.42 |
|
18-Jan-2005 |
henning |
user and group _ospfd, with claudio
|
#
1.41 |
|
24-Nov-2004 |
henning |
say hi to _ftp
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.40 |
|
30-May-2004 |
henning |
new user/group _ntp, theo ok
|
#
1.39 |
|
06-May-2004 |
deraadt |
change _pppoe to _ppp, i had thought about it before, but henning has convinced me
|
#
1.38 |
|
06-May-2004 |
deraadt |
_pppoe privdrop user for canacar
|
#
1.37 |
|
06-May-2004 |
deraadt |
_afs user for privsep; beck ok
|
#
1.36 |
|
30-Apr-2004 |
deraadt |
rbootd privsep uid/gid
|
#
1.35 |
|
17-Apr-2004 |
henning |
new user/group _tftpd, theo ok
|
#
1.34 |
|
14-Apr-2004 |
henning |
user/group _mopd for, well, mopd. theo ok
|
#
1.33 |
|
13-Apr-2004 |
henning |
new _dhcp user for, well, dhcp stuff, theo ok
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.32 |
|
19-Jan-2004 |
deraadt |
fake _tcpdump user for upcoming privsep work
|
#
1.31 |
|
17-Dec-2003 |
henning |
add user & group _bgpd ok deraadt@ millert@
|
#
1.30 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.29 |
|
24-Jul-2003 |
deraadt |
_syslogd privsep uid/gid as requested by avsm
|
#
1.28 |
|
14-May-2003 |
jakob |
add _isakmpd user/group for privsep. ok millert@
|
#
1.27 |
|
14-May-2003 |
hin |
_kdc and _kadmin users and groups added. Will be used by the kerberos kdc and admin servers
ok deraadt@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.26 |
|
06-Jan-2003 |
deraadt |
_lkm group for modstat(8); millert ok
|
#
1.25 |
|
24-Dec-2002 |
deraadt |
_spamd
|
#
1.24 |
|
21-Nov-2002 |
millert |
To avoid possible conflict with pre-existing groups, change shadow -> _shadow, tokenadm -> _token, and also add _radius.
|
#
1.23 |
|
21-Nov-2002 |
millert |
Add a new group, "tokenadm" and make login_token setgid tokenadm instead of setuid root. deraadt@ OK
|
#
1.22 |
|
21-Nov-2002 |
millert |
Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@
If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it would't hurt to do so.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.21 |
|
04-Sep-2002 |
matthieu |
_x11 user and group for the X server when run by xdm. ok deraadt@ The actual X code to use them will be added soon.
|
#
1.20 |
|
02-Aug-2002 |
deraadt |
_sshagnt will be used to secure ssh-agent(1) more
|
#
1.19 |
|
15-Jul-2002 |
deraadt |
5 new uid/gid sets; millert ok
|
#
1.18 |
|
07-Jun-2002 |
beck |
authpf group, for authpf
|
#
1.17 |
|
09-May-2002 |
millert |
Add crontab group for when crontab loses its setuid bit tomorrow. Consider this a head-up...
|
#
1.16 |
|
08-May-2002 |
deraadt |
move to sshd.sshd instead
|
#
1.15 |
|
07-May-2002 |
deraadt |
ssh uid and gid for privsep
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE
|
#
1.14 |
|
25-Sep-2001 |
deraadt |
popa3d pieces
|
#
1.13 |
|
11-Sep-2001 |
millert |
Scaffolding to support sendmail 8.12. Note that the new smmsp user/group are *required*.
|
#
1.12 |
|
05-Sep-2001 |
beck |
Add proxy user
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.11 |
|
12-Dec-2000 |
millert |
Add "auth" group
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE OPENBSD_2_8_BASE
|
#
1.10 |
|
04-Feb-1999 |
angelos |
No longer need an audlog group.
|
#
1.9 |
|
03-Feb-1999 |
angelos |
gid 71 is now "audlog"
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.8 |
|
20-Sep-1998 |
deraadt |
bye bye ingres
|
#
1.7 |
|
24-May-1998 |
millert |
give named its own group
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.6 |
|
05-Mar-1998 |
deraadt |
add user www, group www
|
#
1.5 |
|
11-Dec-1997 |
brian |
Add group `network'. This group is intended for use by network daemons such as ppp, pppd and slattach. These programs will be mode 4550 and group network (soon), allowing the sys-admin control over who manipulates interface configurations and routing tables.
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.4 |
|
04-Mar-1997 |
downsj |
Add a suggested users group.
|
#
1.3 |
|
31-Oct-1996 |
millert |
nobody gid == nobody uid (32767)
|
#
1.2 |
|
31-Oct-1996 |
deraadt |
nobody wants a group name
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|