From owner-cvs-etc  Mon Oct 27 10:00:39 1997
Return-Path: <owner-cvs-etc>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id KAA10214
          for cvs-etc-outgoing; Mon, 27 Oct 1997 10:00:39 -0800 (PST)
          (envelope-from owner-cvs-etc)
Received: from lsd.relcom.eu.net (lsd.relcom.eu.net [193.124.23.23])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA10060;
          Mon, 27 Oct 1997 09:58:36 -0800 (PST)
          (envelope-from ache@lsd.relcom.eu.net)
Received: (from ache@localhost)
	by lsd.relcom.eu.net (8.8.7/8.8.7) id UAA00948;
	Mon, 27 Oct 1997 20:57:36 +0300 (MSK)
	(envelope-from ache)
Date: Mon, 27 Oct 1997 20:57:33 +0300 (MSK)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
X-Sender: ache@lsd.relcom.eu.net
To: Nate Williams <nate@mt.sri.com>
cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-etc@FreeBSD.ORG
Subject: Re: cvs commit: src/etc master.passwd
In-Reply-To: <199710271718.KAA00563@rocky.mt.sri.com>
Message-ID: <Pine.BSF.3.96.971027204745.912A-100000@lsd.relcom.eu.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 27 Oct 1997, Nate Williams wrote:

> > ache        1997/10/27 08:59:09 PST
> > 
> >   Modified files:
> >     etc                  master.passwd 
> >   Log:
> >   Move nobody to daemon class, otherwise it is impossible to start fingerd
> >   while Apache is running, it effectively eats all default class limits for
> >   nobody
> 
> This seems silly.  'nobody' is nobody, and if Apache is running as
> nobody, it should be running as daemon, or another (new) user.  nobody
> should be running as 'nobody'. :)

It is sharing name conflict, both Apache and fingerd runs as nobody,
but Apache do it with daemon class while inetd runs fingerd with default
class only (which is very limited). So nothing left to fingerd while
Apache occupes its resources.

There is old tradition exists to run Apache as nobody and it is better to
not touch it. It is possible to change fingerd owner from nobody to some
other nouser, but we don't have one and it looks silly to have many
nousers. Moreover, tftp f.e not resistent of this problem too since it
runs as nobody. 

Since nobody not means normal user (and its limits) in any case, it seems
logical to assign daemon class for it resolving all issues above. 

-- 
Andrey A. Chernov
<ache@nietzsche.net>
http://www.nagual.pp.ru/~ache/