dagmar.wants at nospam.com
Sat Mar 13 10:42:06 PST 2004
On Fri, 2004-03-12 at 21:28, Reinhard wrote:
> On Saturday 13 March 2004 05:04, Daniel Díaz wrote:
> > Also, after I finished my LFS system I never welcomed the 'nobody' user,
> > and therefore the --with-statduser=somebody had to be added.
> > groupadd rpc &&
> > useradd -c rpc -d /dev/null -g rpc -s /bin/false rpc
> Could you please explain me the advantage of you version using the user 'rpc'
> with an occasional uid against using 'nobody' with known uid ?
The "nobody" role account is frequently overused. When you've got more
than one thing using it, it becomes impossible to determine which daemon
did what to your filesystem (as an example) after the fact. If the
system has role accounts set up for each special purpose daemon, you can
tell which bits belong to what at runtime, as well as apply restrictions
to them on a per-service basis.
The email address above is phony because my penis is already large enough, kthx.
AIM: evilDagmar Jabber: evilDagmar at jabber.org
More information about the blfs-dev