From 8808d80c0793307bfc5fc1bd19221549343a9678 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Tue, 1 Dec 2015 07:31:29 +0000 Subject: [PATCH] create new independent uid/gid for tftp_proxy and ftp_proxy. They should not share a uid. Leave the proxy uid for later mop-up (sysmerge does not handle uid renamings well enough) ok dlg, ok aja a while back --- src/etc/group | 2 ++ src/etc/mail/aliases | 6 ++++-- src/etc/master.passwd | 4 +++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/etc/group b/src/etc/group index c057a185..c1a2c254 100644 --- a/src/etc/group +++ b/src/etc/group @@ -69,6 +69,8 @@ _file:*:104: _radiusd:*:105: _eigrpd:*:106: _vmd:*:107: +_tftp_proxy:*:108: +_ftp_proxy:*:109: dialer:*:117: nogroup:*:32766: nobody:*:32767: diff --git a/src/etc/mail/aliases b/src/etc/mail/aliases index 31405cc4..a79a6a7b 100644 --- a/src/etc/mail/aliases +++ b/src/etc/mail/aliases @@ -1,5 +1,5 @@ # -# $OpenBSD: aliases,v 1.53 2015/11/09 00:18:37 mlarkin Exp $ +# $OpenBSD: aliases,v 1.54 2015/12/01 07:31:29 deraadt Exp $ # # Aliases in this file will NOT be expanded in the header from # Mail, but WILL be visible over networks or from /usr/libexec/mail.local. @@ -69,7 +69,9 @@ _x11: /dev/null _ypldap: /dev/null bin: /dev/null nobody: /dev/null -proxy: /dev/null +proxy: /dev/null # remove in 6.0 +_tftp_proxy: /dev/null +_ftp_proxy: /dev/null sshd: /dev/null # Well-known aliases -- these should be filled in! diff --git a/src/etc/master.passwd b/src/etc/master.passwd index f0c4a48f..939f09d4 100644 --- a/src/etc/master.passwd +++ b/src/etc/master.passwd @@ -18,7 +18,7 @@ _spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/sbin/nologin www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin _isakmpd:*:68:68::0:0:isakmpd privsep:/var/empty:/sbin/nologin -proxy:*:71:71::0:0:Proxy Services:/nonexistent:/sbin/nologin +proxy:*:71:71::0:0:Old proxy daemon (remove in 6.0):/nonexistent:/sbin/nologin _syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin _pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin _bgpd:*:75:75::0:0:BGP Daemon:/var/empty:/sbin/nologin @@ -52,4 +52,6 @@ _file:*:104:104::0:0:file privsep:/var/empty:/sbin/nologin _radiusd:*:105:105::0:0:RADIUS Daemon:/var/empty:/sbin/nologin _eigrpd:*:106:106::0:0:EIGRP Daemon:/var/empty:/sbin/nologin _vmd:*:107:107::0:0:VM Daemon:/var/empty:/sbin/nologin +_tftp_proxy:*:108:108::0:0:tftp proxy daemon:/nonexistent:/sbin/nologin +_ftp_proxy:*:109:109::0:0:ftp proxy daemon:/nonexistent:/sbin/nologin nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin