[opensuse] Why is "Novell Customer Center User" in my password file?
Listmates, On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was: suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash WTF? Why is Novell Customer Center in my password file as a system user? -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin wrote:
Listmates,
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
WTF? Why is Novell Customer Center in my password file as a system user?
It's a secret plan for world domination. Well, it was a secret. :-) I think perhaps it's to do with the registration or somesuch. /Per -- Per Jessen, Zürich (8.2°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Mar 13, 2009 at 09:53:12AM +0100, Per Jessen wrote:
David C. Rankin wrote:
Listmates,
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
WTF? Why is Novell Customer Center in my password file as a system user?
It's a secret plan for world domination. Well, it was a secret. :-)
I think perhaps it's to do with the registration or somesuch.
Its a system user, its use mostly to run the webbrowser under for registration with NCC in SLES/SLED. (yast2 novell customer center module starts a webbrowser, but does this as this specific suse-ncc user instead of root.) Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2009-03-13 at 10:55 +0100, Marcus Meissner wrote:
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
Me too.
Its a system user, its use mostly to run the webbrowser under for registration with NCC in SLES/SLED. (yast2 novell customer center module starts a webbrowser, but does this as this specific suse-ncc user instead of root.)
Ok, but then, why do we have that entry in openSUSE? - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkm6TY8ACgkQtTMYHG2NR9W5QACeMjh/fUz9wmhR4Qthw+E2W/kG fiMAnRsyshfmJJkwwqGxrD2asENp17Jh =+rLc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. escribió:
Ok, but then, why do we have that entry in openSUSE?
Guess what ? SLE is based in openSUSE, they share almost all ;P -- "If this is the best God can do, I am not impressed" -George Carlin (1937-2008) Cristian Rodríguez R. Software Developer Platform/OpenSUSE - Core Services SUSE LINUX Products GmbH Research & Development http://www.opensuse.org/
Hi :) El Friday 13 March 2009, Cristian Rodríguez escribió:
Carlos E. R. escribió:
Ok, but then, why do we have that entry in openSUSE?
Guess what ? SLE is based in openSUSE, they share almost all ;P
Makes no sense. They (openSUSE & SLES/SLED) should share what they have in common. But, if (as Marcus wrote): > Its a system user, its use mostly to run the > webbrowser under for registration with NCC in > SLES/SLED. (yast2 novell customer center module > starts a webbrowser, but does this as this > specific suse-ncc user instead of root.) it's SLES/SLED specific, it shouldn't be in openSUSE, right? Unless, Novell plans using the same feature under openSUSE's YaST2 for registration purpose. Rafa -- "We cannot treat computers as Humans. Computers need love." rgriman@skype.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 2009-03-13 at 10:11 -0300, Cristian Rodríguez wrote:
Carlos E. R. escribió:
Ok, but then, why do we have that entry in openSUSE?
Guess what ? SLE is based in openSUSE, they share almost all ;P
Okay, so why is it in my /etc/passwd file then? Is it required for openSUSE in order to register? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Mike McMullin escribió:
Okay, so why is it in my /etc/passwd file then? Is it required for openSUSE in order to register?
read the other mails on the topic..please. -- "If this is the best God can do, I am not impressed" -George Carlin (1937-2008) Cristian Rodríguez R. Software Developer Platform/OpenSUSE - Core Services SUSE LINUX Products GmbH Research & Development http://www.opensuse.org/
On Sat, 2009-03-14 at 02:02 -0300, Cristian Rodríguez wrote:
Mike McMullin escribió:
Okay, so why is it in my /etc/passwd file then? Is it required for openSUSE in order to register?
read the other mails on the topic..please.
I did, sadly the picture came in piecemeal, but it did come in. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 13 March 2009 11:55:40 pm Mike McMullin wrote:
On Fri, 2009-03-13 at 10:11 -0300, Cristian Rodríguez wrote:
Carlos E. R. escribió:
Ok, but then, why do we have that entry in openSUSE?
Guess what ? SLE is based in openSUSE, they share almost all ;P
Okay, so why is it in my /etc/passwd file then? Is it required for openSUSE in order to register?
No, it is feature of openSUSE 13.x release, it just slipped too early. :-D -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 13 Mar 2009, David C. Rankin wrote:
Listmates,
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet! OTOH, could it be for remore support? Seems like the have that capability on the commecial side. Lee ============================================== Leland V. Lammert lvl@omnitec.net Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net ============================================== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 13 March 2009 15:38:12 L. V. Lammert wrote:
it was login enabled yet!
Absolutely not. The password is set to *, which makes it impossible to log in.
OTOH, could it be for remore support? Seems like the have that capability on the commecial side.
There is remote support, but not through such users. It is provided with remote desktop features that a logged in user has to approve and manually enable. No magic Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 13 Mar 2009, L. V. Lammert wrote:-
On Fri, 13 Mar 2009, David C. Rankin wrote:
Listmates,
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
You can't log in as suse-ncc. While there is supposedly a password set, and a valid shell is specified, you'll find /etc/shadow has something like this: /etc/shadow:suse-ncc:!:13879:0:99999:7::: Making it just as impossible to log in as that user as it is to log in as any of these other "users": at:!:13103:0:99999:7::: dhcpd:!:13103:0:99999:7::: icecream:!:13103:0:99999:7::: irc:!:13103:0:99999:7::: ldap:!:13103:0:99999:7::: mailman:!:13103:0:99999:7::: mdnsd:!:13103:0:99999:7::: mysql:!:13195:0:99999:7::: named:!:13103:0:99999:7::: ntp:!:13103:0:99999:7::: pop:!:13103:0:99999:7::: privoxy:!:13103:0:99999:7::: quagga:!:13103:0:99999:7::: radiusd:!:13103:0:99999:7::: squid:!:13103:0:99999:7::: sshd:!:13103:0:99999:7::: tomcat:!:13103:0:99999:7::: vdr:!:13103:0:99999:7::: wnn:!:13103:0:99999:7::: vscan:!:13535:0:99999:7::: svn:!:13871:0:99999:7::: festival:!:13879:0:99999:7::: polkituser:!:13879:0:99999:7::: avahi:!:13879:0:99999:7::: Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s | openSUSE 10.3 32b | openSUSE 11.0 32b | openSUSE 10.2 64b | openSUSE 10.3 64b | openSUSE 11.0 64b | openSUSE 11.1 64b TOS 4.02 | openSUSE 10.3 PPC | RISC OS 3.6 | RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
L. V. Lammert escribió:
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
No.
OTOH, could it be for remore support?
No, it is a system user so the application can "drop privileges" to access the internet, you dont want to browse as root do you ? -- "If this is the best God can do, I am not impressed" -George Carlin (1937-2008) Cristian Rodríguez R. Software Developer Platform/OpenSUSE - Core Services SUSE LINUX Products GmbH Research & Development http://www.opensuse.org/
On Fri, 13 Mar 2009, [UTF-8] Cristian Rodríguez wrote:
L. V. Lammert escribió:
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
No.
Perhaps not functionally, but there **IS** a valid shell in passwd - that makes a login possible. IMHO, best security practices dictate that accounts without login capability should have nologin as a shell.
OTOH, could it be for remote support?
No, it is a system user so the application can "drop privileges" to access the internet, you dont want to browse as root do you ?
Makes sense, but doesn't belong in and OS application; it's trivial to delete, however. Lee -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 13 Mar 2009, L. V. Lammert wrote:-
On Fri, 13 Mar 2009, [UTF-8] Cristian RodrÃguez wrote:
L. V. Lammert escribió:
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
No.
Perhaps not functionally, but there **IS** a valid shell in passwd - that makes a login possible.
Having a login shell doesn't mean it's possible to log in.
IMHO, best security practices dictate that accounts without login capability should have nologin as a shell.
/etc/passwd:suse-ncc:x:113:115:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash ^ This means there is a password set and you can find the hash of it in /etc/shadow. /etc/shadow:suse-ncc:!:13879:0:99999:7::: ^ By using this in /etc/shadow, it is impossible to log in as that user, or to use su to become that user without being root to begin with[0]. There's more info here: URL:http://www.cyberciti.biz/faq/understanding-etcshadow-file/ with a short explanation in comment 2 of what ! or * in the password hash location means. [0] On one of my 10.3 systems, the following "users" also exist with a valid shell, but who you would also not be able to log in as: at bin daemon ftp games irc ldap lp mailman man news nobody tomcat uucp Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-NG @ ~100Mnodes RC5-72 @ ~1Mkeys/s | openSUSE 10.3 32b | openSUSE 11.0 32b | openSUSE 10.2 64b | openSUSE 10.3 64b | openSUSE 11.0 64b | openSUSE 11.1 64b TOS 4.02 | openSUSE 10.3 PPC | RISC OS 3.6 | RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
At 07:23 PM 3/13/2009 +0000, David Bolt wrote:
On Fri, 13 Mar 2009, L. V. Lammert wrote:-
On Fri, 13 Mar 2009, [UTF-8] Cristian RodrÃguez wrote:
L. V. Lammert escribió:
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
No.
Perhaps not functionally, but there **IS** a valid shell in passwd - that makes a login possible.
Having a login shell doesn't mean it's possible to log in.
No, but it's one link in the chain of permissions for login. Again, good security practices dictate that *ALL* 'links in the security chain' be disabled. Lee -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 13 March 2009 03:43:24 pm L. V. Lammert wrote: ...
No, but it's one link in the chain of permissions for login. Again, good security practices dictate that *ALL* 'links in the security chain' be disabled.
I know that the weakest link in the chain will fight fiercely to prevent that. I'm sure I would. ;-) PS. It is the same as with cars, houses, vaults. You can make them secure, but who is going to use them? Besides, there is always possibility that some large piece of stone can fall from the sky and prove that there was no point to live miserably for sake of safety. -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Mar 13, 2009 at 10:19:32AM -0500, L. V. Lammert wrote:
On Fri, 13 Mar 2009, [UTF-8] Cristian Rodríguez wrote:
L. V. Lammert escribió:
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
No.
Perhaps not functionally, but there **IS** a valid shell in passwd - that makes a login possible. IMHO, best security practices dictate that accounts without login capability should have nologin as a shell.
You might not use this account either. Not sure if the browser starts if you have /bin/false as shell. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Mar 13, 2009 at 09:38:12AM -0500, L. V. Lammert wrote:
On Fri, 13 Mar 2009, David C. Rankin wrote:
Listmates,
On openSuSE 11.0 I stumbled across an entry in my /etc/passwd file that way quite disconcerting. It was:
suse-ncc:x:105:107:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
Wow - thanks for pointing that out! Seems like somebody slipped up ROYALLY on this one - it was login enabled yet!
It is not login enabled, it is marked disabled in passwd / shadow.
OTOH, could it be for remore support? Seems like the have that capability on the commecial side.
Read the other mails. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (11)
-
Anders Johansson
-
Carlos E. R.
-
Cristian Rodríguez
-
David Bolt
-
David C. Rankin
-
L. V. Lammert
-
Marcus Meissner
-
Mike McMullin
-
Per Jessen
-
Rafa Grimán
-
Rajko M.