LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Adding Privoxy user for source build (https://www.linuxquestions.org/questions/linux-newbie-8/adding-privoxy-user-for-source-build-856545/)

mrmnemo 01-15-2011 05:51 PM
Adding Privoxy user for source build
 
Hi,

Wanted to know how to add a user for Privox. Aside from the obvious stuff like not having a shell. For example, in the shadow file I wish to make sure that the account not only has no shell, but no login capability. I am thinking /bin/false would do this; however, I need to make sure.

Thanks

unSpawn 01-15-2011 07:30 PM
Add a user like you would any other unprivileged one (with home = /etc/privoxy). /bin/false should do, mine has /sbin/nologin.

mrmnemo 01-15-2011 10:27 PM
ok,
I actually wanted to see the account as a system account. Something like what you see in /etc/shado
Code:
news:*:14889:0:99999:7:::
NOte: From reading around a bit I guess the astix / exclamation point shows that the account can not "log-In".

So, I tried to user add with the following flags set as based on the man pages.
]CODE]useradd -D -M -U -s /bin/false Privoxy[/CODE]
The above would not work at all. All I wish do is create a user with no /home, shell, or privlage to log-in to the machine. I guess this would be a system account. However, I guess I have the options wrong. Could you help please?

Thanks.

mrmnemo 01-16-2011 02:40 AM
Hi again,

Just thought I would post this for anyone else that runs into this. I was able to get the privoxy user set up correctly by running
Code:
adduser --system --shell /bin/false --no-create-home --group --disabled-login privoxy
Then I passed this info to make with
Code:
make -s install  USER=privoxy GROUP=privoxy
I am not sure how to use the compile time security features of gcc though. I am marking as solved; however, info on compile time security would be helpful.

Hope this helps.

unSpawn 01-16-2011 07:46 AM
This is how it works for me:
Code:
groupadd -g 73 privoxy
/usr/sbin/useradd -u 73 -g 73 -d /etc/privoxy -r -s "/sbin/nologin" privoxy

Quote:
Originally Posted by mrmnemo (Post 4225833)
I am not sure how to use the compile time security features of gcc though. (..) info on compile time security would be helpful.
I don't know what you mean by that?

mrmnemo 01-16-2011 04:18 PM
Quote:
Originally Posted by unSpawn (Post 4226074)
Code:
groupadd -g 73 privoxy
/usr/sbin/useradd -u 73 -g 73 -d /etc/privoxy -r -s "/sbin/nologin" privoxy
Could you help me understand the above? I can see off the top where I was doing it wrong on the shell. However, what is the '73'? From the man page I thought it was the LOGIN at the end of the command line that was used to define group/user. In your case, is 73 another option? I see the -r for a system service. Is the -d for directory? If so, I think I messed when I built. I PREFIXED to /usr/local/etc rather than /etc/privoxy. That was the default behavior for the build.

unSpawn 01-16-2011 04:56 PM
No, "73" is the GID and UID (as 'man groupadd' and 'man useradd' should show) which you supply to "-g" and "-u". And using './configure --prefix=/usr/local' is quite different from 'useradd -d /etc/privoxy'. The first just prepares the build to be installed in a part of the file system while the latter just sets the users $HOME.

mrmnemo 01-16-2011 05:35 PM
So 73 is a number you provided? Or, is "73" to GUID as 777 is to umask? Either way, you helped me solve it. Actually, the way you posted the solution seems to be more fine tuned. All my other questions are gonna start getting off topic. Thanks for all your help.

8)

unSpawn 01-16-2011 05:44 PM
Number, yes. UID or GUID. Not a mask. Cool but don't forget to mark the thread solved.


All times are GMT -5. The time now is 01:20 AM.