Hi,

Wanted to know how to add a user for Privox. Aside from the obvious stuff like not having a shell. For example, in the shadow file I wish to make sure that the account not only has no shell, but no login capability. I am thinking /bin/false would do this; however, I need to make sure.

Thanks

Add a user like you would any other unprivileged one (with home = /etc/privoxy). /bin/false should do, mine has /sbin/nologin.

1 members found this post helpful.

ok,
I actually wanted to see the account as a system account. Something like what you see in /etc/shado
NOte: From reading around a bit I guess the astix / exclamation point shows that the account can not "log-In".

So, I tried to user add with the following flags set as based on the man pages.
]CODE]useradd -D -M -U -s /bin/false Privoxy[/CODE]
The above would not work at all. All I wish do is create a user with no /home, shell, or privlage to log-in to the machine. I guess this would be a system account. However, I guess I have the options wrong. Could you help please?

Thanks.

Hi again,

Just thought I would post this for anyone else that runs into this. I was able to get the privoxy user set up correctly by running
Then I passed this info to make with
I am not sure how to use the compile time security features of gcc though. I am marking as solved; however, info on compile time security would be helpful.

Hope this helps.

This is how it works for me:

I don't know what you mean by that?

Could you help me understand the above? I can see off the top where I was doing it wrong on the shell. However, what is the '73'? From the man page I thought it was the LOGIN at the end of the command line that was used to define group/user. In your case, is 73 another option? I see the -r for a system service. Is the -d for directory? If so, I think I messed when I built. I PREFIXED to /usr/local/etc rather than /etc/privoxy. That was the default behavior for the build.

No, "73" is the GID and UID (as 'man groupadd' and 'man useradd' should show) which you supply to "-g" and "-u". And using './configure --prefix=/usr/local' is quite different from 'useradd -d /etc/privoxy'. The first just prepares the build to be installed in a part of the file system while the latter just sets the users $HOME.

1 members found this post helpful.

So 73 is a number you provided? Or, is "73" to GUID as 777 is to umask? Either way, you helped me solve it. Actually, the way you posted the solution seems to be more fine tuned. All my other questions are gonna start getting off topic. Thanks for all your help.

8)

Number, yes. UID or GUID. Not a mask. Cool but don't forget to mark the thread solved.