On Tue, 2005-01-11 at 00:04 -0800, tuxxer wrote:
> > Section 1.5.1)
> >
> > <nitpick>You've listed snortd, which doesn't ship with Fedora
> > Core</nitpick>.
> >
>
> I'm running snortd, so it showed up in the list when I ran the
> command. ;-)

If you're writing official documentation, it's probably a good idea for
you to have a "stock" system to do fact-checking. Like you, I have a lot
of things on my system that don't come with Fedora Core. I do testing
for documentation either in a VMWare guest that has the stock
distribution installed, or on a separate box.

> > Strictly IMHO, disabling service accounts is often excessive and causes
> > a maintenance problem. They can't login locally, and you can easily
> > block remote logins (see above).
>
> Rahul mentioned something along these lines. Does anyone know for sure
> if you remove a certain service that the user for that service is
> removed as well? I don't remember for sure, but I believe that the user
> remains.

It differs from package to package. It also depends on what you mean
when you say "remove a certain service." Are you talking about doing
"chkconfig --del"? If so, then definitely not. But if you're talking
about "rpm -e", then the answer is "sometimes." For instance,

  rpm -q --scripts bind
  rpm -q --scripts nfs-utils

shows that bind nicely removes named when it is uninstalled, and
nfs-utils does the same with its associated users. However,

  rpm -q --scripts httpd

shows that httpd is not as good at cleaning up after itself. There may
be a reason for this. For instance, if a system administrator is running
a web server, but has the "userdel" command aliased under the root
account to automatically use the "-r" option, and did "rpm -e httpd",
then he would run the risk of deleting the entire /var/www, which is
user apache's home directory. That's just idle speculation on my part; I
have no idea whether there's a real rationale hidden in there or not.

-- 
Paul W. Frields, RHCE
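Added example, not part of the original message: a shell filter that automates the "rpm -q --scripts" check described above by reporting whether a package's erase-time scriptlets call userdel or groupdel. The function name, the "demo" and "webdemo" accounts and both sample scriptlets are constructed for illustration and are not the real bind, nfs-utils or httpd scriptlets.

```shell
#!/bin/sh
# Reads `rpm -q --scripts PKG` output on stdin, prints erase-time lines that
# call userdel/groupdel. Returns 0 if any are found, 1 otherwise.
uninstall_account_cleanup() {
    awk '
        # Scriptlet headers look like "postuninstall scriptlet (using /bin/sh):"
        /^(pre|post|trigger|verify)[a-z]* (scriptlet|script|program)/ {
            section = $1
            erase = (section == "preuninstall" || section == "postuninstall")
            next
        }
        erase && /^[ \t]*#/ { next }    # ignore commented-out calls
        erase && /(^|[^A-Za-z0-9_])(userdel|groupdel)([^A-Za-z0-9_]|$)/ {
            print section ": " $0
            found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample scriptlet listings (hypothetical packages).
sample_cleans() { cat <<'EOF'
preinstall scriptlet (using /bin/sh):
/usr/sbin/useradd -c "Demo" -u 25 -s /sbin/nologin -r -d /var/demo demo || :
postuninstall scriptlet (using /bin/sh):
if [ "$1" = 0 ]; then
  /usr/sbin/userdel demo 2>/dev/null || :
fi
EOF
}
sample_leaves() { cat <<'EOF'
preinstall scriptlet (using /bin/sh):
/usr/sbin/useradd -c "Web" -u 48 -s /sbin/nologin -r -d /var/www webdemo || :
preuninstall scriptlet (using /bin/sh):
if [ "$1" = 0 ]; then
  # userdel is deliberately not called here
  /sbin/chkconfig --del webdemo
fi
EOF
}

# With package names as arguments, query the local RPM database.
for pkg in "$@"; do
    rpm -q --scripts "$pkg" | uninstall_account_cleanup \
        || echo "$pkg: no userdel/groupdel in its erase scriptlets"
done
```

Accounts left behind by packages that report no cleanup still appear in /etc/passwd after "rpm -e" and need to be reviewed by hand.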