Deleted default system users
I read a security article that mentioned to remove all default users, so I went ahead and removed these users:
bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin Is there anything wrong with doing that? I saved my passwd and shadow files but I guess I would have to add the users back in somehow if I needed. How would I do that? I dont seem to have an issue so I'm not sure if these users are really needed but then I read that you shouldn't remove system users. Which one is it? Thanks, Shawn |
Member Response
Hi,
Please share the article link? |
Quote:
Quote:
Code:
cp passwd.backup /etc/passwd Code:
cd /etc/ Quote:
Hope this helps some. |
Quote:
The article is here http://www.faqs.org/docs/gazette/tips.html I'm aware its a bit old but still found it a bit useful |
I also wanted to mention that although my passwd file was already set to 644, my shadow file was initially set to just 000. Literally no permissions. I'm running CentOS
And on another note, I appended the following line in /etc/inittab to prompt for a login and password for single user mode but it never seemed to work. ~~:S:wait:/sbin/sulogin |
All times are GMT -5. The time now is 02:28 AM. |