From 01c63bc35a4a6bb1abebd1f4f5e5ba1ac19750b1 Mon Sep 17 00:00:00 2001
From: lukem
Date: Thu, 11 Oct 2001 07:21:07 +0000
Subject: [PATCH] - add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
---
 etc/defaults/rc.conf | 6 +++---
 etc/group | 1 +
 etc/master.passwd | 3 ++-
 etc/mtree/NetBSD.dist | 23 ++++++++++++-----------
 4 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index c2ee41fe964e..fbaed8341a75 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -1,4 +1,4 @@
-# $NetBSD: rc.conf,v 1.22 2001/09/24 11:34:11 hubertf Exp $
+# $NetBSD: rc.conf,v 1.23 2001/10/11 07:21:07 lukem Exp $
 #
 # /etc/defaults/rc.conf --
 # default configuration of /etc/rc.conf
@@ -145,9 +145,9 @@ sshd=NO sshd_flags=""
 # To run the named(8) DNS server as an unprivileged user under a
 # chroot(2) cage, uncomment the following after migrating the contents
-# of /etc/namedb to /var/named/etc/namedb
+# of /etc/namedb to /var/chroot/named/etc/namedb
 #
-#named_chrootdir="/var/named"
+#named_chrootdir="/var/chroot/named"
 # Routing daemons.
 #
diff --git a/etc/group b/etc/group
index 4e44c3aaae81..fcd3c096a20f 100644
--- a/etc/group
+++ b/etc/group
@@ -12,6 +12,7 @@ maildrop:*:11:
 postfix:*:12:
 games:*:13:
 named:*:14:
+ntpd:*:15:
 staff:*:20:root
 guest:*:31:root
 nobody:*:39:
diff --git a/etc/master.passwd b/etc/master.passwd
index bb81ac1a3565..3c5a387b74d6 100644
--- a/etc/master.passwd
+++ b/etc/master.passwd
@@ -6,6 +6,7 @@ bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
 news:*:6:8::0:0:Network News:/var/spool/news:/sbin/nologin
 games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
 postfix:*:12:12::0:0:Postfix pseudo-user:/var/spool/postfix:/sbin/nologin
-named:*:14:14::0:0:Named pseudo-user:/var/named:/sbin/nologin
+named:*:14:14::0:0:Named pseudo-user:/var/chroot/named:/sbin/nologin
+ntpd:*:15:15::0:0:Ntpd pseudo-user:/var/chroot/ntpd:/sbin/nologin
 uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico
 nobody:*:32767:39::0:0:Unprivileged user:/nonexistent:/sbin/nologin
diff --git a/etc/mtree/NetBSD.dist b/etc/mtree/NetBSD.dist
index 9423b4f4d4f8..de1e0edd040a 100644
--- a/etc/mtree/NetBSD.dist
+++ b/etc/mtree/NetBSD.dist
@@ -1,4 +1,4 @@
-# $NetBSD: NetBSD.dist,v 1.169 2001/10/08 02:48:49 lukem Exp $
+# $NetBSD: NetBSD.dist,v 1.170 2001/10/11 07:21:07 lukem Exp $
 # @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93
 /set type=dir uname=root gname=wheel mode=0755
@@ -583,6 +583,17 @@
 ./var/at/jobs mode=0700
 ./var/at/spool mode=0700
 ./var/backups
+./var/chroot
+./var/chroot/named
+./var/chroot/named/dev
+./var/chroot/named/etc
+./var/chroot/named/etc/namedb
+./var/chroot/named/etc/namedb/cache mode=0775 uname=named gname=named
+./var/chroot/named/usr
+./var/chroot/named/usr/libexec
+./var/chroot/named/var
+./var/chroot/named/var/run mode=0775 gname=named
+./var/chroot/named/var/tmp mode=01775 gname=named
 ./var/crash mode=0770
 ./var/cron
 ./var/cron/tabs mode=0700
@@ -599,16 +610,6 @@
 ./var/log/rdist
 ./var/mail mode=1777
 ./var/msgs uname=daemon
-./var/named
-./var/named/dev
-./var/named/etc
-./var/named/etc/namedb
-./var/named/etc/namedb/cache mode=0775 uname=named gname=named
-./var/named/usr
-./var/named/usr/libexec
-./var/named/var
-./var/named/var/run mode=0775 gname=named
-./var/named/var/tmp mode=01775 gname=named
 ./var/preserve
 ./var/quotas gname=operator mode=0750
 ./var/run
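Review bot: The new `ntpd` entry names `/var/chroot/ntpd` as its home directory, but no hunk in this patch creates that path; the NetBSD.dist section adds `./var/chroot` and the `named` subtree only. The commit message marks the chroot support as future work, so this may be deliberate, but until then the account points at a directory that does not exist on a fresh install. Adding a bare `./var/chroot/ntpd` line to NetBSD.dist, which would inherit root:wheel 0755 from the `/set` line, would keep the passwd entry and the tree in step and make the jail root root-owned from the start.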
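Review bot: The relocated `./var/chroot/named` tree carries no comment explaining its ownership split, and that split is what the jail relies on. Assuming the `/set` defaults shown in the first hunk of this file still apply at this point, the jail root, `etc` and `etc/namedb` are root:wheel 0755, and only `etc/namedb/cache`, `var/run` and `var/tmp` are writable by `named`. A comment above `./var/chroot` such as `# chroot jails: top level and config dirs stay root-owned; only the dirs with explicit modes are writable by the daemon` would help the planned ntpd subtree follow the same pattern. Because `var/run` is group-writable by `named`, anything a root-run script reads from it (presumably a pid file) should be treated as untrusted input.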