[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Running named as root ? Why not change it standard cobalt ??

Subject: RE: [cobalt-users] Running named as root ? Why not change it standard cobalt ??
From: "Andy Brown" <andy.brown@xxxxxxxxxxxxx>
Date: Sun Sep 9 17:15:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Along a similar subject I've got a couple of Qube2's running
nameservers, but at the moment there doesn't appear to be a Cobalt pkg
for bind9 or even a newer one that the original (Which is the insecure
old 4 version if my memory serves correctly)
Has anyone had experience of upgrading, or know of where any PKG's for
going to bind9?


Andy Brown
 

-----Original Message-----
From: Scott F [mailto:scott_falco@xxxxxxxxx]
Sent: 06 September 2001 12:34 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: [cobalt-users] Running named as root ? Why not change it
standard cobalt ??


I sent this message previously (prior to my last
post), but it looks like it didn't make it. To make
short of it:

useradd -c "RaqNamed" -u 25 -s /bin/false -r -d
/etc/named raqnamed 2>/dev/null || :

(above all on one line)

Then under /etc/rc.d/init.d/named -change the 2
instances of:

daemon named

to read:

daemon named -u raqnamed -g raqnamed

Details of what this does:

The '-u 25' option informs the system to set the UID
to
number 25, which refers to the named user. 

The '-s /bin/false' option informs the system to use
the program /bin/false as a shell for this user, which
means that user 'named' will not have shell access to
the system should someone get in on that user. The
/bin/false redirects the input to a null device
(/dev/null) for better security. 

The '-r -d /etc/named' informs the system to create a
home directory for this user, which will be located
under /etc/named directory.

Finally the name coming after the '-r -d /etc/named'
gives the username, which is associated with the
numerical ID 25 for this user, in our case the user
will be 'rapnamed'.

Let's hope this one makes it!

Cheers!
Scott

__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo!
Messenger
http://im.yahoo.com

_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

Prev by Date: [cobalt-users] log files & rotation
Next by Date: [cobalt-users] URL Shown in Browser
Previous by thread: [cobalt-users] Running named as root ? Why not change it standard cobalt ??
Next by thread: [cobalt-users] Domain aliasing - RaQ4

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index