NFS tools

Reinhard bookreader at gmx.com
Sat Mar 13 21:40:14 PST 2004


On Saturday 13 March 2004 19:42, Dagmar d'Surreal wrote:
> On Fri, 2004-03-12 at 21:28, Reinhard wrote:
> > On Saturday 13 March 2004 05:04, Daniel Díaz wrote:
> > > Also, after I finished my LFS system I never welcomed the 'nobody'
> > > user, and therefore the --with-statduser=somebody had to be added.
> > >
> > > groupadd rpc &&
> > > useradd -c rpc -d /dev/null -g rpc -s /bin/false rpc
> >
> > Could you please explain me the advantage of you version using the user
> > 'rpc' with an occasional uid against using 'nobody' with known uid ?
>
> The "nobody" role account is frequently overused.  When you've got more
> than one thing using it, it becomes impossible to determine which daemon
> did what to your filesystem (as an example) after the fact.  If the
> system has role accounts set up for each special purpose daemon, you can
> tell which bits belong to what at runtime, as well as apply restrictions
> to them on a per-service basis.

Thank you Dagmar for mention it. That's quite a different question. 
Based on that - it makes sense to create a different user for each daemon.
I thought nfs-tools are not the only rpc-services, so not a big difference to 
using nobody.




More information about the blfs-dev mailing list