standard users in /etc/passwd

[Joe Peteh]

Redhat/Fedora newbie questions:

1) How does linux actually use the default accounts in /etc/passwd?
For example, why the need for a user called "bin" and how is this user
used by linux? Why the need for a "shutdown" user? Is it actually
used by the shutdown command?

2) What is the point of having an account with no login shell (i.e.
/bin/false or /sbin/nologin) but a home directory? For example, why
does the the user "operator" have /root as its home directory? How
would this even matter, since it has no shell?

3) Is there a reason why the standard accounts are setup the way they
are? For example, the user "shutdown" has /sbin/shutdown as its shell
and /sbin as its home directory. OK, the shutdown command resides in
the /sbin directory. But, then the user "sync" has the /bin/sync
command as its shell and its home directory is /sbin. Why wouldn't it
be /bin?

Can someone provide an explanation or point to a good text that gives
one? Thanks.

[Lew Pitcher]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joe Peteh wrote:

> Redhat/Fedora newbie questions:

[snip]

> Why the need for a "shutdown" user? Is it actually
> used by the shutdown command?

Not really. The Slackware "shutdown" user /invokes/ the shutdown command. In
this way, selected users have a way to shut down the system from a getty prompt.
Instead of logging on as a regular user and then issueing the 'sudo shutdown'
command (or whatever), they can simply log in as user "shutdown", and the login
takes care of running the shutdown command immediately.

> 2) What is the point of having an account with no login shell (i.e.
> /bin/false or /sbin/nologin) but a home directory?

This prevents someone from being able to log to the shell using that username.
Commonly used for 'internal' users (where you want a unique uid to 'own'
something, but not let anyone real log in as that uid).

> 3) Is there a reason why the standard accounts are setup the way they
> are? For example, the user "shutdown" has /sbin/shutdown as its shell
> and /sbin as its home directory. OK, the shutdown command resides in
> the /sbin directory. But, then the user "sync" has the /bin/sync
> command as its shell and its home directory is /sbin. Why wouldn't it
> be /bin?

Yes, there is a reason. Actually, there are many reasons. There are actually
several strategies being executed simultaneously:
1) some users are restricted to specific actions; the 'shutdown' user shuts down
the system, etc
2) some users are for convenience to the management of programs (the 'sys' or
'bin' user)
3) some users are reserved for daemons, so that they don't have to run as root,
but don't run as a 'real' user (mail, nobody)
4) some users are real, warm-body users that are restricted from logging in to a
getty
5) some users are real, warm-body users that may log in to a getty

> Can someone provide an explanation or point to a good text that gives
> one? Thanks.

- --
Lew Pitcher
IT Consultant, Enterprise Application Architecture,
Enterprise Technology Solutions, TD Bank Financial Group

(Opinions expressed are my own, not my employers')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFBKeR+agVFX4UWr64RAqg6AKCXlFU8Ko4uGot4GXFEZS k4JFOCPACfUNx+
dxP19VN7wh9/EYGe0H5m/Jo=
=6fKV
-----END PGP SIGNATURE-----

[Doug Freyburger]

Joe Peteh wrote:

>
> 1) How does linux actually use the default accounts in /etc/passwd?
> For example, why the need for a user called "bin" and how is this user
> used by linux?

Try an "ls -l" command to see why there is more to an account than
logging in.

> Why the need for a "shutdown" user? Is it actually
> used by the shutdown command?

You have the arrow of effect and cause pointing in the wrong direction.

> 3) Is there a reason why the standard accounts are setup the way they
> are?

Yes. WAs this a trick question or is it really as bizzare as it sounds?
Unix has been in use since 1970. Stuff doesn't get randomly made up
without reason.

> Can someone provide an explanation or point to a good text that gives
> one?

Start with "The UNIX Philosophy". It addresses the reasons for UNIX
features.

[Moe Trin]

In article <306e106b.0408222220.3cd333c4@posting.google.com >, Joe Peteh wrote:

>Redhat/Fedora newbie questions:

OK - everyone has to start someplace ;-)

>1) How does linux actually use the default accounts in /etc/passwd?
>For example, why the need for a user called "bin" and how is this user
>used by linux?

find / -user UID -exec ls -dal {} \;

You may well find that these "internal" users own certain files and/or
directories. If you're curious, do the similar thing with

find / -group GID -exec ls -dal {} \;

On this (RH7.3 based) workstation:

USERS

0 root Lots
1 bin /usr/sbin/arpwatch
2 daemon /var/spool/at/
9 news lots

The following users own nothing:
3 adm, 4 lp, 5 sync, 6 shutdown, 7 halt, 8 mail 10 uucp, 11 operator,
12 games, 13 gopher

The following MAY own files when running:
14 ftp, 99 nobody

It's even worse for various group ids. The whole idea of these ownerships
is that of "least privlidge'.

>Why the need for a "shutdown" user? Is it actually
>used by the shutdown command?

[compton ~]$ grep shutdown /etc/passwd
shutdown:*:6:99:shutdown:/sbin:/sbin/shutdown
[compton ~]$

IF you were able to log in as this user (the * in the second field prevents
that here), then the system would run shutdown.

Lew Pitcher answered the rest of your questions.

Old guy