|
What the fink?!
Hi, I'm not sure if this should go here or in the "System" section, but I'm pretty sure this oddity has something to do with a recent fink installation, so I'm posting here. Anyway, I've recently installed some things from fink; "fink self-update", "anacron" and then "bash". I was going to try something out and didn't want to risk my own user directory, so I went to the System Preferences/Users to create a new user, when I saw the following users!
<me> News Server MySQL Database Server PostgreSQL Database Game Files Owner Canna Japanese Input Postfix Mail Transfer Agent Now, I'm considering freaking out, setting my hair on fire, and running around until I collapse from exhaustion, but I thought maybe I'd check here first to see if anyone could come up with better advice. Anyone know what's going on? Or have any gasoline and running shoes I could borrow? Thanks. |
When you I installed MySQL and a few other things through fink, those users showed up, more interesting is that corresponding groups are also created (Check in NetInfo Manager). My guess is that fink creates these users/groups for packages who run as servers (don't know why, they'd need them...), like MySQL, PostgreSQL, mail and news servers. I'm completely stumped about the Canna Japanese Input.. Maybe Terminal related??
And Game Files Owner.. wtf?? |
Yeah, and I didn't_even_install_MySQL! So did you delete those "users"? Should I? I don't know this is just WEIRD
|
I just let them be. Afaik they donīt do any harm, and they might be needed. I for one, am not going to take the chance of my MySQL installation stopping working...
|
New Users...
The problem with users is that when you install fink version 3.1 or later and update all fink, "passwd" will become installed to support some of the other packages which require that users be created specifically to own and manage the resources (e.g. mysql)
The installer at some point do ask if you agree to the creation of this new users and you must have answered yes. First of all don't panic! << Some people did panicked and tried to delete the users with the wrong method. In some cases, netinfo manager was either hung or just slow to return from the spinning disc and a shutdown during that operation has resulted in a complete hose-job. Other users have deleted the extra users, but that resulted in the system permissions being set (reset) to adjust for the deletion of a user which owns a directory(ies)... and some have had their personal directories reverted to root ownership, lost the ability to log in as root , etc.etc.etc.>> Those new account will not bother you at all if you leave them where they are. But, if you really want to delete them, I recommend you use "nicl" , Netinfo Command Line Utility. Before doing so, please read the man pages for nicl very carefully. Because there is potential to screw up your computer, you should back up the NetInfo database like this: Just run the command 'sudo gnutar czf netinfo_backup.tgz /var/db/netinfo/local.nidb' (without the single quotes, of course); that will back it up into a file called netinfo_backup.tgz. Then, if you want for example to remove the "mysql user": >Welcome to Darwin! Thu Feb 7 14:22:29 SGT 2002 [pm: /Users/pm] sudo nicl . > Password: > / > cd users > /users > rm mysql > /users > quit > Goodbye > [pm: /Users/pm] After deleting them, if they are needed by some fink program you can create the users again. (So check their permissions, etc...) Be carefull. Cheers... |
i remember fink asking me to agree to create these accounts. it seemed perfectly reasonable, as i know some of those products need those accounts.
after the install, i checked netinfo, and since they didn't create open login accounts, no worries. it's a common technique to enable the package to play nice, as it needs to have ownership of its files and log messages under the appropriate user and whatnot. |
Well if these additional users are safe, I'll just keep'em instead of risk screwing up my system by deleting them. The only troublesome thing is when I go to System Preferences/Users, and click the Password tab, they seem to have a password the same number of characters as MY (admin) password, so I'm assuming they're using my password too. I wonder if this poses a security risk? Thanks to all for responding!
|
whew! i panic'd there for a minute because i never bothered to check the users pref panel, just the netinfo mgr (tanx for the poop, TiMan, good idea)
[ oh, and only the first eight chars of a pw are considered. go ahead and change your pw to ten chars. then login with eight or 20 chars, the first eight right chars will authenticate. ] right? the password entries in netinfo are '*', which i believe (hope) means the account can't login. their login dir is / and shell is /dev/null. that they are defined as accounts in the users pref panel is troublesome, as the only thing you can do there is fiddle with some login candy and pw. also of note, there appears to be password aging properties for these accounts. anyone know how to enable pw aging in OSX? manuals are completely bereft of any clues (of how chpass floats to netinfo, anyhow). |
I decided to copy the following posts as information for new fink users:
From the fink lists archive: <<You have installed a package which has a dependency on the 'passwd' package. 'passwd' is a sort of general-purpose package that sets up a couple of extra users on your system in the event that you someday decide to install packages that require these extra users. If you decide that you cannot bear the thought of these extra users on your system (note that there should be no security problems since they cannot be used to log into your system [they have no passwords]), you may consider deleting them, though I wouldn't recommend it personally. If you were to do so, though, be sure to use niutil or NetInfo Manager, NOT the System Preferences -> Users pane.>> -------------- <<This is actually a security "feature". All unix processes have to run as one user or another. System processes generally run as the user root, but for a process such as MySQL to run as root would be a big security breach, so it creates a user with no privledges to run under. This user also becomes the owner of any files that the process needs to have write access to, adding another layer of security. In theory you could have a single generic user account that all of these processes run under (some Linux systems use 'nobody') but this could get messy so it customary to have different accounts such as mail, news, apache, mysql, etc.>> So there. Cheers... |
What about *SQL from elsewhere?
Maybe I should make this a new thread, but I just came to this old thread from the more recent To Fink or Not To Fink thread. ANYWAY:
I installed PostgreSQL and PHP on my machine using Marc Liyanage's pre-compiled binaries a couple of months ago. They work great. If I take the plunge and set up Fink on my system, I'm afraid to allow Fink to install the users it suggests (as discussed earlier in this thread), because I've heard of people with pre-existing accounts for *SQL lose access to their databases etc. because of the new user created by the Fink passwd thingy. Is there any way to choose which users Fink creates, or is it an all-or-none proposition? If I already have, for example, a user named 'postgres' for handling my PostgresSQL install, should I absolutely not allow Fink to install its users, or is there some way to have my cake and eat it too (as it were), ie. keep the current install but also let Fink make its users, and have everything work together?? Thanks. |
Cobalt,
Fink will only install the new users if you install the 'passwd package' or some other package which has a dependency on the 'passwd' package. When you install 'passwd' this will come up: ------------------- Existing entries with these names or numbers will be overwritten or otherwise affected by this. On the other hand, some Fink packages will not work unless these entries are in the NetInfo database. You can make adjustments to the files /sw/etc/passwd-fink and /sw/etc/group-fink now (from another window), then say yes here. Or you can say no here and add the users and groups manually (e.g. on your central NetInfo server). If you don't know what all of this is about, just say yes. Do you want to continue? [Y/n] ------------------- So then, I you accept the installation of the new users, existing entries with these names or numbers will be overwritten or otherwise affected by this. But, it also says you can make adjustments before installation in /sw/etc/passwd-fink : Code:
#Code:
#If you decide not to install the new users, and the need arise later for one of them, you can install it manually. <<Or you can say no here and add the users and groups manually (e.g. on your central NetInfo server).>> Cheers... |
Maaaahvelous!
Thank you, Sao! Your reply was extremely helpful, as always. That info makes me much more confident that I can have everything I want with Fink and not worry about screwing up my system. It looks like I just need to delete the line in each of those two files that refers to pgsql, and everything will be fine.
Thanks again! |
Cobalt,
I never tried that way myself, but it will probably work. Please, let me know the results. Good luck. Cheers... |
Hello,
Personally, I wouldn't delete them but change them, maybe to FPostgre (f for fink). I'm not sure if that's the best way, but the user would get created and down the line i can always install finks version instead of a binary. I don't mind having a few extra users. Vonleigh |
Quote:
Vonleigh (or Sao), can you confirm that the names at the beginning of each line of the code posted (ie. the code from /sw/etc/passwd-fink and /sw/etc/group-fink files) are what will become the login names of those users? Thanks! |
Cobalt,
I also agree with vonleigh, that it would be better to change them and not to delete them, just in case it brake things down. I will come back in a few moments to confirm about the users names. I'm 99.9% sure, but that's not enough. Cheers... |
Cobalt,
Allright ! Yes they are. Here is what I did to test all the process. I went to both files and changed the name from the user mysql to ...fmysql. Then open the terminal and did: 'fink rebuild passwd' It build with no problems and I checked the users names in Netinfo Manager and ...fmysql was there waiting for me. Cheers... |
Great!
Thank you so much, Sao! That's great news. I really appreciate your taking the time to check this out. As soon as I get some time in the next few days, I think I'll finally install Fink!
Cobalt |
I don't quite see if this applies to my problem which is that I already have Postfix on my machine, installed by hand and, if I install passwd, I don't want it overwriting the postfix user that is already there.
How can I install passwd and not have it create a postfix user? It seems the method described by sao is meant to change the users after they have been created by passwd. Also, I don't see the point in having a "fpostfix" user that will never be of any use with that name, even if I later decide to install a new version of Postfix using Fink. I think it would be better to be able to install passwd without the users that are already present. Is that possible? Ellen |
Quote:
Quote:
As far as eliminating users, I would guess (and this is purely a guess) that you could simply delete some of the users from the two files discussed above. Cobalt |
| All times are GMT -5. The time now is 06:24 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.