From 9e3e087e94af45ca65f55ae283a551b911592574 Mon Sep 17 00:00:00 2001
From: claudio <>
Date: Fri, 24 Apr 2020 14:57:31 +0000
Subject: [PATCH] rpki-client does not do privsep and also no chroot to
 /var/empty. Change the user to 'rpki-client user' and the homedir to
 /nonexistent since it is not required for operation of rpki-client. OK
 deraadt@

---
 src/etc/master.passwd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/etc/master.passwd b/src/etc/master.passwd
index c445ccb5..6380f455 100644
--- a/src/etc/master.passwd
+++ b/src/etc/master.passwd
@@ -23,7 +23,7 @@ _pkguntar:*:58:58::0:0:pkg untar user:/nonexistent:/sbin/nologin
 _spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin
 www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin
 _isakmpd:*:68:68::0:0:isakmpd privsep:/var/empty:/sbin/nologin
-_rpki-client:*:70:70::0:0:rpki-client privsep:/var/empty:/sbin/nologin
+_rpki-client:*:70:70::0:0:rpki-client user:/nonexistent:/sbin/nologin
 _syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin
 _pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin
 _bgpd:*:75:75::0:0:BGP Daemon:/var/empty:/sbin/nologin