On Tuesday 23 May 2017, Dominique Leuenberger / DimStar wrote:
On Tue, 2017-05-23 at 17:46 +0200, Stephan Kulow wrote:
Am 23.05.2017 um 17:35 schrieb Dominique Leuenberger / DimStar:
On Tue, 2017-05-23 at 16:47 +0200, Ruediger Meier wrote:
Hi,
seems that Tumbleweed and Factory has no more user "nobody" defined in /etc/passwd. Is this wanted?
cu, Rudi
That is indeed wanted - the list of users has constantly been growing and for many users/groups, it is/was not clear what requires them.
So Thorsten worked on a way to change this - and packages nowadays have to specify if their content wants a specific user/group to be present.
See also the packaging guidelines at https://en.opensuse.org/openSUSE:Packaging_guidelines#Users_and_G ro ups
But 'nobody'? I don't see it as a system user - mere the lack of user.
Greetings, Stephan
historically, everything was thrown at 'nobody' for security reasons - until somebody realized that entire systems running as nobody is not actually secure, as services could start interacting.
'nobody' has no special meaning in any way.
The are programs which treat nobody as the only user which is neither a system nor user account.
I don't see why it should be treated specially (unlike root/uid=0);. It's still right at your disposal if you have a package relying on it (e.g. NFS using it as fallback for 'anonymous/unknown') - you just need to specify it.
You forget about users or thirdparty software which is still using nobody for whatever reason. IMO it makes no sense that openSUSE is the only existing Linux distro which does not provide "nobody/nogroup We will get bug reports for sure if we remove nobody. It doesn't hurt to keep it as it. BTW "bin" and "daemon" are also missing. They are even *required* by LSB, while "nobody" is optional. http://refspecs.linuxbase.org/LSB_3.0.0/LSB-PDA/LSB-PDA/usernames.html cu, Rudi -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org