On Sat, Nov 20, 2010 at 06:32:26PM +0100, MichaÅ Piotrowski wrote: > How about removing some old unix crud? (he said this and he saw that > some people starts to gather firewood in the stack :)) > > Anyone uses gopher, uucp? > > sync:x:5:0:sync:/sbin:/bin/sync Someone at Red Hat asked me once what the purpose of the sync user was, and I did some research and wrote the reply below. It may be interesting. Rich. <quote> If you read this old (1988) advisory: http://www.cert.org/advisories/CA-1988-01.html it seems clear the original intent of the 'sync' user was to allow an administrator to log in as 'sync' and have that synchronize the disks, without needing a password. There were apparently other user accounts like 'who' with a similar purpose, and in the current passwd file we can find similar accounts like 'halt' and 'shutdown'. However having a passwordless guest account, even without a shell, is a security hole (because some misconfigured or poorly written services could allow access from one of these "users"): http://www.cert.org/tech_tips/unix_configuration_guidelines.html#A.1.ii I tried to find out for you when the 'sync' user was added to Unix. It's *not* in Unix v7 (1979): http://unix-tree.huihoo.org/V7/etc/passwd.html It *is* in Fedora Core 1 (2003) and RHL 5.0 (1996?) and Debian 0.9 (1995). All of these have the password field set to '*' to prevent the security problem. After a lot of internet spelunking, I found that MCC Interim Linux (1992?) contained a 'sync' user with no password! So you could have walked up to an MCC Interim Linux box c1992, and logged in as 'sync' / no password, and it would have synchronized the disks. It seems we inherited this tradition from Unix systems dating back to some time in the 1980s. It was carried over to Linux in 1991/1992, but soon afterwards the empty password field was replaced with a '*' because of security concerns, and it's been like that to this day. </quote> -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel