Am Mittwoch, den 12.06.2019, 11:01 -0500 schrieb Douglas R. Reno via blfs-dev: > Hi folks, > > I was just building rpcbind-1.2.5 and noticed a curious difference between > SysV and systemd's instructions. > On systemd, we create a separate "rpc" user to isolate the package similar to > how we would any other system daemon: > "There should be a dedicated user and group to take control of the rpcbind > daemon after it is started. Issue the following commands as the root user: > groupadd -g 28 rpc > useradd -c "RPC Bind Daemon Owner" -d /dev/null -g rpc \ > -s /bin/false -u 28 rpc > > On SysV, we tell the rpcbind daemon to use the root user in the configure > command: "--with-rpcuser=root". On systemd, we tell it to use > "--with-rpcuser=rpc". > > Should we setup a dedicated user and group for the rpcbind daemon in SysV > like we do for systemd?
From security perspective a dedicated user might be the better choice than root. Looks like that root isn't required to be the user running rpcbind. I'd vote for user rpc. -- Thomas -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
