Hi, we have quite some packages, which create an own user, but use "nogroup" as group. In my opinion this defeats the purpose of having an own user for a daemon: avoid that an attacker can access other things if we manage to hack a daemon. Since we additional create an own group, at least if you use the sysusers.d config file and do not call useradd, I'm in favour of removing all this nogroup usages, including that the user nobody is a member of this group. Opinions? Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org