Date: Mon, 27 Oct 1997 11:03:30 -0700 (MST) From: Nate Williams <nate@mt.sri.com> To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru> Cc: Nate Williams <nate@mt.sri.com>, cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-etc@freebsd.org Subject: Re: cvs commit: src/etc master.passwd Message-ID: <199710271803.LAA00863@rocky.mt.sri.com> In-Reply-To: <Pine.BSF.3.96.971027204745.912A-100000@lsd.relcom.eu.net> References: <199710271718.KAA00563@rocky.mt.sri.com> <Pine.BSF.3.96.971027204745.912A-100000@lsd.relcom.eu.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> Move nobody to daemon class, otherwise it is impossible to start fingerd >>> while Apache is running, it effectively eats all default class limits for >>> nobody >> This seems silly. 'nobody' is nobody, and if Apache is running as >> nobody, it should be running as daemon, or another (new) user. nobody >> should be running as 'nobody'. :) > > There is old tradition exists to run Apache as nobody and it is better to > not touch it. It's *worse* to change nobody to be effectively 'daemon'. It's alot easier (and better) to give Apache a new user then to make nobody 'daemon'. (Think NFS, among other things.) > Since nobody not means normal user (and its limits) in any case, it seems > logical to assign daemon class for it resolving all issues above. No, nobody means 'nobody'. Apache is a 'daemon', so if that's not appropriate, create a new user for it. Either that or disable fingerd on machines where Apache is running. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710271803.LAA00863>