From 9e3e087e94af45ca65f55ae283a551b911592574 Mon Sep 17 00:00:00 2001 From: claudio <> Date: Fri, 24 Apr 2020 14:57:31 +0000 Subject: [PATCH] rpki-client does not do privsep and also no chroot to /var/empty. Change the user to 'rpki-client user' and the homedir to /nonexistent since it is not required for operation of rpki-client. OK deraadt@ --- src/etc/master.passwd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/etc/master.passwd b/src/etc/master.passwd index c445ccb5..6380f455 100644 --- a/src/etc/master.passwd +++ b/src/etc/master.passwd @@ -23,7 +23,7 @@ _pkguntar:*:58:58::0:0:pkg untar user:/nonexistent:/sbin/nologin _spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin _isakmpd:*:68:68::0:0:isakmpd privsep:/var/empty:/sbin/nologin -_rpki-client:*:70:70::0:0:rpki-client privsep:/var/empty:/sbin/nologin +_rpki-client:*:70:70::0:0:rpki-client user:/nonexistent:/sbin/nologin _syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin _pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin _bgpd:*:75:75::0:0:BGP Daemon:/var/empty:/sbin/nologin