Compare commits
No commits in common. "rawhide" and "f41" have entirely different histories.
9 changed files with 154 additions and 174 deletions
31
generate-sysusers-fragments.sh
Executable file
31
generate-sysusers-fragments.sh
Executable file
|
|
@ -0,0 +1,31 @@
|
|||
#!/usr/bin/env bash
|
||||
#SPDX-License-Identifier: 0BSD
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
test -f etc/group
|
||||
test -f etc/passwd
|
||||
|
||||
mkdir -p sysusers.d
|
||||
|
||||
while read -r line; do
|
||||
groupname=$(echo "${line}" | cut -d: -f1)
|
||||
gid=$(echo "${line}" | cut -d: -f3)
|
||||
echo "g ${groupname} ${gid}"
|
||||
done <etc/group >sysusers.d/20-setup-groups.conf
|
||||
|
||||
while read -r line; do
|
||||
username=$(echo "${line}" | cut -d: -f1)
|
||||
uid=$(echo "${line}" | cut -d: -f3)
|
||||
gid=$(echo "${line}" | cut -d: -f4)
|
||||
gecos=$(echo "${line}" | cut -d: -f5)
|
||||
homedir=$(echo "${line}" | cut -d: -f6)
|
||||
if [ "${homedir}" == "/" ]; then
|
||||
homedir="-"
|
||||
fi
|
||||
shell=$(echo "${line}" | cut -d: -f7)
|
||||
if [ "${shell}" == "/usr/sbin/nologin" ]; then
|
||||
shell="-"
|
||||
fi
|
||||
echo "u ${username} ${uid}:${gid} \"${gecos}\" ${homedir} ${shell}"
|
||||
done <etc/passwd >sysusers.d/20-setup-users.conf
|
||||
29
group
Normal file
29
group
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
root:x:0:
|
||||
bin:x:1:
|
||||
daemon:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mem:x:8:
|
||||
kmem:x:9:
|
||||
wheel:x:10:
|
||||
cdrom:x:11:
|
||||
mail:x:12:
|
||||
man:x:15:
|
||||
dialout:x:18:
|
||||
floppy:x:19:
|
||||
games:x:20:
|
||||
utmp:x:22:
|
||||
tape:x:33:
|
||||
kvm:x:36:
|
||||
video:x:39:
|
||||
ftp:x:50:
|
||||
lock:x:54:
|
||||
audio:x:63:
|
||||
users:x:100:
|
||||
input:x:104:
|
||||
render:x:105:
|
||||
sgx:x:106:
|
||||
nobody:x:65534:
|
||||
13
passwd
Normal file
13
passwd
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
root:x:0:0:Super User:/root:/bin/bash
|
||||
bin:x:1:1:bin:/bin:/usr/sbin/nologin
|
||||
daemon:x:2:2:daemon:/sbin:/usr/sbin/nologin
|
||||
adm:x:3:4:adm:/var/adm:/usr/sbin/nologin
|
||||
lp:x:4:7:lp:/var/spool/lpd:/usr/sbin/nologin
|
||||
sync:x:5:0:sync:/sbin:/bin/sync
|
||||
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
|
||||
halt:x:7:0:halt:/sbin:/sbin/halt
|
||||
mail:x:8:12:mail:/var/spool/mail:/usr/sbin/nologin
|
||||
operator:x:11:0:operator:/root:/usr/sbin/nologin
|
||||
games:x:12:100:games:/usr/games:/usr/sbin/nologin
|
||||
ftp:x:14:50:FTP User:/var/ftp:/usr/sbin/nologin
|
||||
nobody:x:65534:65534:Kernel Overflow User:/:/usr/sbin/nologin
|
||||
3
profile
3
profile
|
|
@ -9,9 +9,6 @@
|
|||
# will prevent the need for merging in future updates.
|
||||
|
||||
pathmunge () {
|
||||
# If the path is a compat symlink, do nothing.
|
||||
[ -h "$1" ] && return
|
||||
|
||||
case ":${PATH}:" in
|
||||
*:"$1":*)
|
||||
;;
|
||||
|
|
|
|||
15
protocols
15
protocols
|
|
@ -1,12 +1,12 @@
|
|||
# /etc/protocols:
|
||||
# $Id: protocols,v 1.13 2025/05/14 15:30 mosvald Exp $
|
||||
# $Id: protocols,v 1.12 2016/07/08 12:27 ovasik Exp $
|
||||
#
|
||||
# Internet (IP) protocols
|
||||
#
|
||||
# from: @(#)protocols 5.1 (Berkeley) 4/17/89
|
||||
#
|
||||
# Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992).
|
||||
# Last IANA update included dated 2025-01-08
|
||||
# Last IANA update included dated 2011-05-03
|
||||
#
|
||||
# See also http://www.iana.org/assignments/protocol-numbers
|
||||
|
||||
|
|
@ -66,7 +66,7 @@ ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6 (not in official list)
|
|||
ah 51 AH # Authentication Header
|
||||
ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6 (not in official list)
|
||||
i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA
|
||||
swipe 53 SWIPE # IP with Encryption (deprecated)
|
||||
swipe 53 SWIPE # IP with Encryption
|
||||
narp 54 NARP # NBMA Address Resolution Protocol
|
||||
mobile 55 MOBILE # IP Mobility
|
||||
tlsp 56 TLSP # Transport Layer Security Protocol
|
||||
|
|
@ -108,7 +108,7 @@ larp 91 LARP # Locus Address Resolution Protocol
|
|||
mtp 92 MTP # Multicast Transport Protocol
|
||||
ax.25 93 AX.25 # AX.25 Frames
|
||||
ipip 94 IPIP # Yet Another IP encapsulation
|
||||
micp 95 MICP # Mobile Internetworking Control Pro. (deprecated)
|
||||
micp 95 MICP # Mobile Internetworking Control Pro.
|
||||
scc-sp 96 SCC-SP # Semaphore Communications Sec. Pro.
|
||||
etherip 97 ETHERIP # Ethernet-within-IP Encapsulation
|
||||
encap 98 ENCAP # Yet Another IP encapsulation
|
||||
|
|
@ -156,12 +156,7 @@ hip 139 HIP # Host Identity Protocol
|
|||
shim6 140 Shim6 # Shim6 Protocol
|
||||
wesp 141 WESP # Wrapped Encapsulating Security Payload
|
||||
rohc 142 ROHC # Robust Header Compression
|
||||
ethernet 143 Ethernet # Ethernet encapsulation for SRv6
|
||||
aggfrag 144 AGGFRAG # AGGFRAG encapsulation payload for ESP
|
||||
nsh 145 NSH # Network Service Header
|
||||
homa 146 Homa # Homa
|
||||
bit-emu 147 BIT-EMU # Bit-stream Emulation
|
||||
# 148-252 Unassigned [IANA]
|
||||
# 143-252 Unassigned [IANA]
|
||||
# 253 Use for experimentation and testing [RFC3692]
|
||||
# 254 Use for experimentation and testing [RFC3692]
|
||||
# 255 Reserved [IANA]
|
||||
|
|
|
|||
69
setup.spec
69
setup.spec
|
|
@ -12,22 +12,24 @@ Source0003: csh.cshrc
|
|||
Source0004: csh.login
|
||||
Source0005: ethertypes
|
||||
Source0006: filesystems
|
||||
Source0007: host.conf
|
||||
Source0008: hosts
|
||||
Source0009: inputrc
|
||||
Source0010: networks
|
||||
Source0011: printcap
|
||||
Source0012: profile
|
||||
Source0013: protocols
|
||||
Source0014: services
|
||||
Source0015: shells
|
||||
Source0007: group
|
||||
Source0008: host.conf
|
||||
Source0009: hosts
|
||||
Source0010: inputrc
|
||||
Source0011: networks
|
||||
Source0012: passwd
|
||||
Source0013: printcap
|
||||
Source0014: profile
|
||||
Source0015: protocols
|
||||
Source0016: services
|
||||
Source0017: shells
|
||||
|
||||
Source0021: lang.csh
|
||||
Source0022: lang.sh
|
||||
|
||||
Source0031: COPYING
|
||||
Source0032: uidgid
|
||||
Source0033: setup.sysusers.conf
|
||||
Source0033: generate-sysusers-fragments.sh
|
||||
Source0034: uidgidlint
|
||||
Source0035: serviceslint
|
||||
|
||||
|
|
@ -35,7 +37,6 @@ BuildArch: noarch
|
|||
BuildRequires: bash
|
||||
BuildRequires: tcsh
|
||||
BuildRequires: perl-interpreter
|
||||
BuildRequires: /usr/bin/systemd-sysusers
|
||||
#systemd-rpm-macros: required to use _sysusersdir and _tmpfilesdir macro
|
||||
BuildRequires: systemd-rpm-macros
|
||||
#require system release for saner dependency order
|
||||
|
|
@ -47,18 +48,21 @@ setup files, such as passwd, group, and profile.
|
|||
|
||||
%prep
|
||||
mkdir -p etc/profile.d
|
||||
cp %{lua: for i=1,15 do print(sources[i]..' ') end} etc/
|
||||
cp %{lua: for i=1,17 do print(sources[i]..' ') end} etc/
|
||||
cp %SOURCE21 %SOURCE22 etc/profile.d/
|
||||
touch etc/{exports,motd,subgid,subuid,environment,fstab}
|
||||
touch etc/{exports,motd,subgid,subuid}
|
||||
|
||||
mkdir -p docs
|
||||
cp %SOURCE31 %SOURCE32 docs/
|
||||
|
||||
bash %SOURCE33
|
||||
|
||||
%build
|
||||
# This produces ./etc/{passwd,group,shadow,gshadow}
|
||||
systemd-sysusers --root=./ %SOURCE33
|
||||
# Allow the user to copy the file
|
||||
chmod 0400 ./etc/{shadow,gshadow}
|
||||
#make prototype for /etc/shadow
|
||||
sed -e "s/:.*/:*:`expr $(date +%s) / 86400`:0:99999:7:::/" etc/passwd >etc/shadow
|
||||
|
||||
#make prototype for /etc/gshadow
|
||||
sed -e 's/:[0-9]\+:/::/g; s/:x:/::/' etc/group >etc/gshadow
|
||||
|
||||
%check
|
||||
# Sanity checking selected files....
|
||||
|
|
@ -66,17 +70,19 @@ bash -n etc/bashrc
|
|||
bash -n etc/profile
|
||||
tcsh -f etc/csh.cshrc
|
||||
tcsh -f etc/csh.login
|
||||
bash %SOURCE34 docs/uidgid
|
||||
(cd etc && bash %SOURCE34 ./uidgid)
|
||||
(cd etc && perl %SOURCE35 ./services)
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}/etc
|
||||
cp -ar etc/* %{buildroot}/etc/
|
||||
|
||||
install -D -m0644 %SOURCE33 %{buildroot}%{_sysusersdir}/setup.conf
|
||||
mkdir -p %{buildroot}%{_sysusersdir}
|
||||
cp sysusers.d/* %{buildroot}%{_sysusersdir}/
|
||||
|
||||
mkdir -p %{buildroot}/var/log
|
||||
touch %{buildroot}/etc/environment
|
||||
chmod 0400 %{buildroot}/etc/{shadow,gshadow}
|
||||
touch %{buildroot}/etc/fstab
|
||||
echo "#Add any required envvar overrides to this file, it is sourced from /etc/profile" >%{buildroot}/etc/profile.d/sh.local
|
||||
echo "#Add any required envvar overrides to this file, it is sourced from /etc/csh.login" >%{buildroot}/etc/profile.d/csh.local
|
||||
|
|
@ -100,15 +106,13 @@ cat >%{buildroot}/usr/share/dnf5/libdnf.conf.d/protect-setup.conf <<EOF
|
|||
protected_packages = setup
|
||||
EOF
|
||||
|
||||
#throw away useless and dangerous update stuff until rpm will be able to
|
||||
#handle it ( http://rpm.org/ticket/6 )
|
||||
# Use rpm.spawn() if available (in >= 4.20) but fallback to forking if not
|
||||
%post -p <lua>
|
||||
-- Throw away useless and dangerous update stuff until rpm will be able to
|
||||
-- handle it. See: http://rpm.org/ticket/6
|
||||
for i, name in ipairs({"passwd", "shadow", "group", "gshadow"}) do
|
||||
os.remove("/etc/"..name..".rpmnew")
|
||||
end
|
||||
-- Use rpm.spawn() if available (in >= 4.20) but fallback to forking if not.
|
||||
--
|
||||
-- Initialize or update /etc/alias.db from /etc/aliases for sendmail, etc.
|
||||
if posix.access("/usr/bin/newaliases", "x") then
|
||||
if rpm.spawn ~= nil then
|
||||
rpm.spawn({'/usr/bin/newaliases'}, {stdout='/dev/null'})
|
||||
|
|
@ -122,20 +126,6 @@ if posix.access("/usr/bin/newaliases", "x") then
|
|||
end
|
||||
end
|
||||
end
|
||||
-- Ensure pre-allocated tmpfiles are created immediately on upgrades.
|
||||
if posix.access("/usr/bin/systemd-tmpfiles", "x") then
|
||||
if rpm.spawn ~= nil then
|
||||
rpm.spawn({"/usr/bin/systemd-tmpfiles", "--create"}, {stderr='/dev/null'})
|
||||
else
|
||||
local pid = posix.fork()
|
||||
if pid == 0 then
|
||||
posix.redirect2null(2)
|
||||
posix.exec("/usr/bin/systemd-tmpfiles", "--create")
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
%files
|
||||
%license docs/COPYING
|
||||
|
|
@ -175,7 +165,8 @@ end
|
|||
%config(noreplace) %verify(not md5 size mtime) /etc/shells
|
||||
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/fstab
|
||||
%{_tmpfilesdir}/%{name}.conf
|
||||
%{_sysusersdir}/setup.conf
|
||||
%{_sysusersdir}/20-setup-groups.conf
|
||||
%{_sysusersdir}/20-setup-users.conf
|
||||
/etc/dnf/protected.d/%{name}.conf
|
||||
%dir /usr/share/dnf5
|
||||
%dir /usr/share/dnf5/libdnf.conf.d
|
||||
|
|
|
|||
|
|
@ -1,41 +0,0 @@
|
|||
u root 0:0 "Super User" /root /bin/bash
|
||||
u bin 1 "bin" /bin -
|
||||
u daemon 2 "daemon" /sbin -
|
||||
u adm 3:4 "adm" /var/adm -
|
||||
u lp 4:7 "lp" /var/spool/lpd -
|
||||
u sync 5:0 "sync" /sbin /bin/sync
|
||||
u shutdown 6:0 "shutdown" /sbin /sbin/shutdown
|
||||
u halt 7:0 "halt" /sbin /sbin/halt
|
||||
u mail 8:12 "mail" /var/spool/mail -
|
||||
u operator 11:0 "operator" /root -
|
||||
u games 12:100 "games" /usr/games -
|
||||
u ftp 14:50 "FTP User" /var/ftp -
|
||||
u nobody 65534:65534 "Kernel Overflow User" - -
|
||||
g root 0
|
||||
g sys 3
|
||||
g adm 4
|
||||
g tty 5
|
||||
g disk 6
|
||||
g lp 7
|
||||
g mem 8
|
||||
g kmem 9
|
||||
g wheel 10
|
||||
g cdrom 11
|
||||
g mail 12
|
||||
g man 15
|
||||
g dialout 18
|
||||
g floppy 19
|
||||
g games 20
|
||||
g utmp 22
|
||||
g tape 33
|
||||
g kvm 36
|
||||
g video 39
|
||||
g ftp 50
|
||||
g lock 54
|
||||
g audio 63
|
||||
g users 100
|
||||
g clock 103
|
||||
g input 104
|
||||
g render 105
|
||||
g sgx 106
|
||||
g nobody 65534
|
||||
104
uidgid
104
uidgid
|
|
@ -19,35 +19,29 @@ news 9 13 /var/spool/news /usr/sbin/nologin inn
|
|||
uucp 10 14 /var/spool/uucp /usr/sbin/nologin uucp
|
||||
operator 11 (0) /root /usr/sbin/nologin setup
|
||||
games 12 (100) /usr/games /usr/sbin/nologin setup
|
||||
# Removed in 2013 (#918206, #1667231), can be reused if necessary later
|
||||
# gopher 13 30 /var/gopher /usr/sbin/nologin -
|
||||
# Not created by default anymore.
|
||||
gopher 13 30 /var/gopher /usr/sbin/nologin -
|
||||
ftp 14 50 /var/ftp /usr/sbin/nologin setup
|
||||
man - 15 - - setup
|
||||
# Retired in 2018 (https://src.fedoraproject.org/rpms/oprofile/c/80fe828c879b1f67a109998cdd42a1bd8513bc3c)
|
||||
# oprofile 16 16 /var/lib/oprofile /usr/sbin/nologin oprofile
|
||||
# Retired sometime between 2011 and 2014 (https://src.fedoraproject.org/rpms/pki-ca/c/4ca1ce11a6e090099b36493653808cfe380911e1)
|
||||
# pkiuser 17 17 /usr/share/pki /usr/sbin/nologin pki-ca,rhpki-ca
|
||||
oprofile 16 16 /var/lib/oprofile /usr/sbin/nologin oprofile
|
||||
pkiuser 17 17 /usr/share/pki /usr/sbin/nologin pki-ca,rhpki-ca
|
||||
dialout - 18 - - setup
|
||||
floppy - 19 - - setup
|
||||
games - 20 - - setup
|
||||
# mlocate retired in 2024 (https://src.fedoraproject.org/rpms/mlocate/c/7277dd5f59db126d1046a6aa5c4077a597dddddc)
|
||||
# slocate - 21 - - slocate
|
||||
slocate - 21 - - slocate
|
||||
utmp - 22 - - initscripts,libutempter
|
||||
squid 23 23 /var/spool/squid /dev/null squid
|
||||
# Retired in 2015 (https://src.fedoraproject.org/rpms/pvm/c/eb6972917befbed00aff622c2c428d18439efe27)
|
||||
# pvm 24 24 /usr/share/pvm3 /bin/bash pvm
|
||||
pvm 24 24 /usr/share/pvm3 /bin/bash pvm
|
||||
named 25 25 /var/named /bin/false bind
|
||||
postgres 26 26 /var/lib/pgsql /bin/bash postgresql-server
|
||||
mysql 27 27 /var/lib/mysql /usr/sbin/nologin mysql
|
||||
mysql 27 27 /var/lib/mysql /bin/bash mysql
|
||||
nscd 28 28 / /bin/false nscd
|
||||
rpcuser 29 29 /var/lib/nfs /bin/false nfs-utils
|
||||
# Present in https://pagure.io/setup/c/08258e0f748c4f372fcbf1dd7947c132ee0b8a12, probably already unused in 2008
|
||||
# console - 31 - - dev
|
||||
console - 31 - - dev
|
||||
rpc 32 32 /var/lib/rpcbind /usr/sbin/nologin portmap
|
||||
amandabackup 33 (6) /var/lib/amanda /bin/false amanda
|
||||
tape - 33 - - setup
|
||||
# Retired in 2021 (https://src.fedoraproject.org/rpms/netdump-server/c/9bbe604e20c113eaa7c897b9b12a705a36afb109)
|
||||
# netdump 34 34 /var/crash /bin/bash netdump-client, netdump-server
|
||||
netdump 34 34 /var/crash /bin/bash netdump-client, netdump-server
|
||||
utempter - 35 - - libutempter
|
||||
kvm - 36 - - kvm, vdsm, libvirt
|
||||
vdsm 36 (36) / /bin/bash kvm, vdsm
|
||||
|
|
@ -57,92 +51,73 @@ video - 39 - - setup
|
|||
dip - 40 - - ppp
|
||||
mailman 41 41 /usr/lib/mailman /usr/sbin/nologin mailman
|
||||
gdm 42 42 /var/lib/gdm /usr/sbin/nologin gdm
|
||||
# Retired in 2022 (https://src.fedoraproject.org/rpms/xorg-x11-xfs/c/3e273d8a939cf5f08bd4eea4f594fedd508dabcf)
|
||||
# xfs 43 43 /etc/X11/fs /bin/false XFree86-xfs
|
||||
xfs 43 43 /etc/X11/fs /bin/false XFree86-xfs
|
||||
pppusers - 44 - - linuxconf
|
||||
popusers - 45 - - linuxconf
|
||||
slipusers - 46 - - linuxconf
|
||||
mailnull 47 47 /var/spool/mqueue /dev/null sendmail
|
||||
apache 48 48 /usr/share/httpd /bin/false httpd
|
||||
# Retired sometime before 2008 (https://src.fedoraproject.org/rpms/FreeWnn/c/8f9ac4e26531c704a26057be48261fb3d1ebea8e)
|
||||
# wnn 49 49 /var/lib/wnn /usr/sbin/nologin FreeWnn
|
||||
wnn 49 49 /var/lib/wnn /usr/sbin/nologin FreeWnn
|
||||
smmsp 51 51 /var/spool/mqueue /dev/null sendmail
|
||||
puppet 52 52 /var/lib/puppet /usr/sbin/nologin puppet
|
||||
tomcat 53 53 /var/lib/tomcat /usr/sbin/nologin tomcat
|
||||
lock - 54 - - setup
|
||||
ldap 55 55 /var/lib/ldap /bin/false openldap-servers
|
||||
# Last references on the web appear around 2007…
|
||||
# frontpage 56 56 /var/www /bin/false mod_frontpage
|
||||
frontpage 56 56 /var/www /bin/false mod_frontpage
|
||||
nut 57 57 /var/lib/ups /bin/false nut
|
||||
# Retired in 2011 (https://src.fedoraproject.org/rpms/beagle/c/5721c9577eebdc7a0f6566f3efd955b3f4427a0e)
|
||||
# beagleindex 58 58 /var/cache/beagle /bin/false beagle
|
||||
beagleindex 58 58 /var/cache/beagle /bin/false beagle
|
||||
tss 59 59 - /usr/sbin/nologin trousers
|
||||
# Retired in 2012 (https://src.fedoraproject.org/rpms/piranha/c/15262075b63d48e2ee236ffb87d2db0a4aef1c42)
|
||||
# piranha 60 60 /etc/sysconfig/ha /dev/null piranha
|
||||
# Retired in 2025 (https://src.fedoraproject.org/rpms/prelude-manager/c/68cce28aa0e1788d857791155812e1f20d35036e)
|
||||
# prelude-manager 61 61 - /usr/sbin/nologin prelude-manager
|
||||
# Retired in 2011 (https://src.fedoraproject.org/rpms/snort/c/e2e149974cb3b56b70ed158339a3cb931497dfa2)
|
||||
# snortd 62 62 - /usr/sbin/nologin snortd
|
||||
piranha 60 60 /etc/sysconfig/ha /dev/null piranha
|
||||
prelude-manager 61 61 - /usr/sbin/nologin prelude-manager
|
||||
snortd 62 62 - /usr/sbin/nologin snortd
|
||||
audio - 63 - - setup
|
||||
condor 64 64 /var/lib/condor /usr/sbin/nologin condord
|
||||
nslcd 65 (55) / /usr/sbin/nologin nslcd
|
||||
wine - 66 - - wine
|
||||
pegasus 66 65 /var/lib/Pegasus /usr/sbin/nologin tog-pegasus
|
||||
webalizer 67 67 /var/www/usage /usr/sbin/nologin webalizer
|
||||
# Retired in 2011 (https://src.fedoraproject.org/rpms/hal/c/e6690cd150b5e1c13e7779de1ce32ded0bc22bc1)
|
||||
# haldaemon 68 68 / /usr/sbin/nologin hal
|
||||
# Present in https://pagure.io/setup/c/08258e0f748c4f372fcbf1dd7947c132ee0b8a12, probably already unused in 2008
|
||||
# vcsa 69 69 - /usr/sbin/nologin dev,MAKEDEV
|
||||
haldaemon 68 68 / /usr/sbin/nologin hal
|
||||
vcsa 69 69 - /usr/sbin/nologin dev,MAKEDEV
|
||||
avahi 70 70 /var/run/avahi-daemon /usr/sbin/nologin avahi
|
||||
# Present in https://pagure.io/setup/c/08258e0f748c4f372fcbf1dd7947c132ee0b8a12, probably already unused in 2008
|
||||
# realtime - 71 - - -
|
||||
realtime - 71 - - -
|
||||
tcpdump 72 72 / /usr/sbin/nologin tcpdump
|
||||
privoxy 73 73 /etc/privoxy /bin/bash privoxy
|
||||
sshd 74 74 /var/empty/sshd /usr/sbin/nologin openssh-server
|
||||
radvd 75 75 / /bin/false radvd
|
||||
cyrus 76 (12) /var/imap /bin/bash cyrus-imapd
|
||||
saslauth - 76 - - cyrus-sasl, cyrus-imap
|
||||
# Dynamic on new systems, removed Dec2023, can be reused if necessary later
|
||||
# Dynamic on new systems, removed Dec2023, can be freed if necessary later
|
||||
#arpwatch 77 77 /var/lib/arpwatch /usr/sbin/nologin arpwatch
|
||||
fax 78 78 /var/spool/fax /usr/sbin/nologin mgetty
|
||||
# Retired in 2014 (https://src.fedoraproject.org/rpms/nocpulse-common/c/2ee190601831472ca3ae9857311cfbd31c129c0e)
|
||||
# nocpulse 79 79 /etc/sysconfig/nocpulse /bin/bash nocpulse
|
||||
nocpulse 79 79 /etc/sysconfig/nocpulse /bin/bash nocpulse
|
||||
desktop 80 80 - /usr/sbin/nologin desktop-file-utils
|
||||
dbus 81 81 / /usr/sbin/nologin dbus
|
||||
# References to JOnAS in FC3 around 2005…
|
||||
# jonas 82 82 /var/lib/jonas /usr/sbin/nologin jonas
|
||||
jonas 82 82 /var/lib/jonas /usr/sbin/nologin jonas
|
||||
clamav 83 83 /tmp /usr/sbin/nologin clamav
|
||||
screen - 84 - - screen
|
||||
# Retired in 2021 (https://src.fedoraproject.org/rpms/quagga/c/42d57331ac98fcc4c7103854cb1ce0ddfc4bbbc2)
|
||||
# quaggavt - 85 - - quagga
|
||||
# Retired in 2014 (https://src.fedoraproject.org/rpms/sabayon/c/e1c4c886227e8123e55fd3fad93dc966d512b9b9)
|
||||
# sabayon 86 86 - /usr/sbin/nologin sabayon
|
||||
quaggavt - 85 - - quagga
|
||||
sabayon 86 86 - /usr/sbin/nologin sabayon
|
||||
polkituser 87 87 / /usr/sbin/nologin PolicyKit
|
||||
wbpriv - 88 - - samba-common
|
||||
postfix 89 89 /var/spool/postfix /bin/true postfix
|
||||
postdrop - 90 - - postfix
|
||||
# https://en.wikipedia.org/wiki/Majordomo_(software) says final release was 19 January 2000
|
||||
# majordomo 91 91 /usr/lib/majordomo /bin/bash majordomo
|
||||
# Retired in 2021 (https://src.fedoraproject.org/rpms/quagga/c/42d57331ac98fcc4c7103854cb1ce0ddfc4bbbc2)
|
||||
# quagga 92 92 / /usr/sbin/nologin quagga
|
||||
majordomo 91 91 /usr/lib/majordomo /bin/bash majordomo
|
||||
quagga 92 92 / /usr/sbin/nologin quagga
|
||||
exim 93 93 /var/spool/exim /usr/sbin/nologin exim
|
||||
distcache 94 94 / /usr/sbin/nologin distcache
|
||||
radiusd 95 95 / /bin/false freeradius
|
||||
# Retired in 2021 (https://src.fedoraproject.org/rpms/hsqldb/c/54def1d22548601a91ccf6a92c17645a1c5d7cdf)
|
||||
# hsqldb 96 96 /var/lib/hsqldb /usr/sbin/nologin hsqldb
|
||||
hsqldb 96 96 /var/lib/hsqldb /usr/sbin/nologin hsqldb
|
||||
dovecot 97 97 /usr/libexec/dovecot /usr/sbin/nologin dovecot
|
||||
ident 98 98 / /usr/sbin/nologin ident
|
||||
# Note: 99 used to be the old uid for nobody, now moved to 65534, do not reuse
|
||||
users - 100 - - setup
|
||||
ssh_keys - 101 - - openssh
|
||||
clock - 103 - - systemd
|
||||
input - 104 - - systemd
|
||||
render - 105 - - systemd
|
||||
sgx - 106 - - systemd
|
||||
qemu 107 107 / /usr/sbin/nologin libvirt
|
||||
ovirt 108 108 / /usr/sbin/nologin libvirt
|
||||
# Retired in 2019 (https://src.fedoraproject.org/rpms/vdsm/c/6f1df621f648aa3b65edfcf3389649a6d13df5d4)
|
||||
# rhevm 109 109 /home/rhevm /usr/sbin/nologin vdsm-reg
|
||||
rhevm 109 109 /home/rhevm /usr/sbin/nologin vdsm-reg
|
||||
jetty 110 110 /usr/share/jetty /usr/sbin/nologin jetty
|
||||
saned 111 111 / /usr/sbin/nologin sane-backends
|
||||
vhostmd 112 112 /usr/share/vhostmd /usr/sbin/nologin vhostmd
|
||||
|
|
@ -151,13 +126,10 @@ polkitd 114 114 / /usr/sbin/nologin polkit
|
|||
bacula 133 133 /var/spool/bacula /usr/sbin/nologin bacula
|
||||
cimsrvr 134 134 / /usr/sbin/nologin tog-pegasus-libs
|
||||
mock - 135 / - mock
|
||||
# Retired in 2012 (https://src.fedoraproject.org/rpms/ricci/c/02a86812383253577ce309d633a400c9c6353ecd,
|
||||
# https://fedoraproject.org/wiki/Features/Cluster)
|
||||
# ricci 140 140 /var/lib/ricci /usr/sbin/nologin ricci
|
||||
# luci 141 141 /var/lib/luci /usr/sbin/nologin luci
|
||||
ricci 140 140 /var/lib/ricci /usr/sbin/nologin ricci
|
||||
luci 141 141 /var/lib/luci /usr/sbin/nologin luci
|
||||
activemq 142 142 /usr/share/activemq /usr/sbin/nologin activemq
|
||||
# Retired in 2019 (https://src.fedoraproject.org/rpms/cassandra/c/8fcb780b616a034aa5d787d04d631ac1f815f694)
|
||||
# cassandra 143 143 /var/lib/cassandra /usr/sbin/nologin cassandra
|
||||
cassandra 143 143 /var/lib/cassandra /usr/sbin/nologin cassandra
|
||||
stap-server 155 155 /var/lib/stap-server /usr/sbin/nologin systemtap
|
||||
stapusr - 156 / - systemtap-runtime
|
||||
stapsys - 157 / - systemtap-runtime
|
||||
|
|
@ -172,8 +144,7 @@ ceilometer 166 166 /var/lib/ceilometer /usr/sbin/nologin openstack-ceilometer
|
|||
ceph 167 167 /var/lib/ceph /usr/sbin/nologin ceph-common
|
||||
avahi-autoipd 170 170 /var/lib/avahi-autoipd /usr/sbin/nologin avahi
|
||||
pulse 171 171 /var/run/pulse /usr/sbin/nologin pulseaudio
|
||||
# Dynamic on new systems, removed Mar2025, can be reused if necessary later
|
||||
# rtkit 172 172 /proc /usr/sbin/nologin rtkit
|
||||
rtkit 172 172 /proc /usr/sbin/nologin rtkit
|
||||
abrt 173 173 /etc/abrt /usr/sbin/nologin abrt
|
||||
retrace 174 174 /usr/share/retrace-server /usr/sbin/nologin retrace-server
|
||||
ovirtagent 175 175 / /usr/sbin/nologin ovirt-guest-agent
|
||||
|
|
@ -181,11 +152,9 @@ ats 176 176 / /usr/sbin/nologin trafficserver
|
|||
dhcpd 177 177 / /usr/sbin/nologin dhcp
|
||||
myproxy 178 178 /var/lib/myproxy /usr/sbin/nologin myproxy-server
|
||||
sanlock 179 179 /var/run/sanlock /usr/sbin/nologin sanlock
|
||||
# Retired in 2012 (https://src.fedoraproject.org/rpms/aeolus-all/c/4b303d259fb530130e413be462e032390595714d)
|
||||
# aeolus 180 180 /var/aeolus /usr/sbin/nologin aeolus-configure
|
||||
# Retired in 2015 (https://src.fedoraproject.org/rpms/wallaby/c/93d5de780d22a378db988a8b72d3d30ebf628930)
|
||||
# wallaby 181 181 /var/lib/wallaby /usr/sbin/nologin wallaby
|
||||
# Not used anymore, removed Jun2021, can be reused if necessary later
|
||||
aeolus 180 180 /var/aeolus /usr/sbin/nologin aeolus-configure
|
||||
wallaby 181 181 /var/lib/wallaby /usr/sbin/nologin wallaby
|
||||
# Not used anymore, removed Jun2021, can be freed if necessary later
|
||||
#katello 182 182 /usr/share/katello /usr/sbin/nologin katello-common
|
||||
elasticsearch 183 183 /usr/share/java/elasticsearch /usr/sbin/nologin elasticsearch
|
||||
mongodb 184 184 /var/lib/mongodb /usr/sbin/nologin mongodb
|
||||
|
|
@ -198,11 +167,10 @@ haproxy 188 188 /var/lib/haproxy /usr/sbin/nologin haproxy
|
|||
haclient - 189 - - pacemaker
|
||||
hacluster 189 (189) / /usr/sbin/nologin pacemaker
|
||||
systemd-journal - 190 - - systemd
|
||||
# Dynamic on new systems, removed Dec2014, can be reused if necessary later
|
||||
# Dynamic on new systems, removed Dec2014, can be freed if necessary later
|
||||
#systemd-journal-gateway 191 191 / /usr/sbin/nologin systemd
|
||||
systemd-network 192 192 / /usr/sbin/nologin systemd
|
||||
systemd-resolve 193 193 / /usr/sbin/nologin systemd
|
||||
xrootd 194 194 /var/spool/xrootd - xrootd-server
|
||||
#gnats ? ? ? ? gnats, gnats-db
|
||||
#listar ? ? ? ? listar
|
||||
nobody 65534 65534 / /usr/sbin/nologin setup
|
||||
|
|
|
|||
23
uidgidlint
23
uidgidlint
|
|
@ -1,26 +1,23 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
#!/bin/sh
|
||||
# We need a file to look at.
|
||||
if [ -z "$*" ] ; then
|
||||
echo "Usage: $0 uidgid"
|
||||
echo Usage: `basename $0` uidgid
|
||||
exit 1
|
||||
fi
|
||||
error=0
|
||||
# The format of the file is (currently)
|
||||
for infile in "$@" ; do
|
||||
uidlist=$(grep -v '^#' "$infile" | awk '{print $2}' | grep -v -e - | sort -nu)
|
||||
gidlist=$(grep -v '^#' "$infile" | awk '{print $3}' | grep -v -e - | sort -nu)
|
||||
for uid in $uidlist; do
|
||||
if test "$(grep -v '^#' "$infile" | awk '{print $2}' | grep -c '^'"$uid"'$')" -ne 1 ; then
|
||||
echo "Duplicate UID: $uid"
|
||||
uidlist=`grep -v '^#' "$infile" | awk '{print $2}' | grep -v -e - | sort -nu`
|
||||
gidlist=`grep -v '^#' "$infile" | awk '{print $3}' | grep -v -e - | sort -nu`
|
||||
for uid in $uidlist ; do
|
||||
if test `grep -v '^#' "$infile" | awk '{print $2}' | grep '^'"$uid"'$' | wc -l` -ne 1 ; then
|
||||
echo Duplicate UID: $uid
|
||||
error=1
|
||||
fi
|
||||
done
|
||||
for gid in $gidlist; do
|
||||
if test "$(grep -v '^#' "$infile" | awk '{print $3}' | grep -c '^'"$gid"'$')" -ne 1 ; then
|
||||
echo "Duplicate GID: $gid"
|
||||
for gid in $gidlist ; do
|
||||
if test `grep -v '^#' "$infile" | awk '{print $3}' | grep '^'"$gid"'$' | wc -l` -ne 1 ; then
|
||||
echo Duplicate GID: $gid
|
||||
error=1
|
||||
fi
|
||||
done
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue