From c9b4c6254f5b503416eb7a4972441b245393fbc8 Mon Sep 17 00:00:00 2001 From: nicm <> Date: Mon, 27 Apr 2015 13:48:06 +0000 Subject: [PATCH] Add a _file user and use for privsep, ok deraadt --- src/etc/group | 1 + src/etc/mail/aliases | 3 ++- src/etc/master.passwd | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/etc/group b/src/etc/group index 4ab13e29..259b3670 100644 --- a/src/etc/group +++ b/src/etc/group @@ -61,6 +61,7 @@ _ldapd:*:100: _iked:*:101: _iscsid:*:102: _smtpq:*:103: +_file:*:104: dialer:*:117: nogroup:*:32766: nobody:*:32767: diff --git a/src/etc/mail/aliases b/src/etc/mail/aliases index 9a738036..d3a37649 100644 --- a/src/etc/mail/aliases +++ b/src/etc/mail/aliases @@ -1,5 +1,5 @@ # -# $OpenBSD: aliases,v 1.47 2014/09/20 09:59:52 ajacoutot Exp $ +# $OpenBSD: aliases,v 1.48 2015/04/27 13:48:06 nicm Exp $ # # Aliases in this file will NOT be expanded in the header from # Mail, but WILL be visible over networks or from /usr/libexec/mail.local. @@ -24,6 +24,7 @@ www: root _bgpd: /dev/null _dhcp: /dev/null _dvmrpd: /dev/null +_file: /dev/null _fingerd: /dev/null _ftp: /dev/null _hostapd: /dev/null diff --git a/src/etc/master.passwd b/src/etc/master.passwd index 1315b37a..466914a6 100644 --- a/src/etc/master.passwd +++ b/src/etc/master.passwd @@ -44,4 +44,5 @@ _ldapd:*:100:100::0:0:LDAP Daemon:/var/empty:/sbin/nologin _iked:*:101:101::0:0:IKEv2 Daemon:/var/empty:/sbin/nologin _iscsid:*:102:102::0:0:iSCSI Daemon:/var/empty:/sbin/nologin _smtpq:*:103:103::0:0:SMTP Daemon:/var/empty:/sbin/nologin +_file:*:104:104::0:0:file privsep:/var/empty:/sbin/nologin nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin