Commit Graph

47 Commits

Author SHA1 Message Date
Florian Walpen
a9545eede4 Add idle priority scheduling privilege group to MAC/priority
Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC policy in
the mac_priority module. For this purpose, the kernel privilege
PRIV_SCHED_IDPRIO was added to sys/priv.h (kernel module ABI change).

Deprecate the system wide sysctl(8) knob
security.bsd.unprivileged_idprio which lets any user run idle priority
processes, regardless of context. While the knob is still working, it is
marked as deprecated in the description and in the man pages.

MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D33338
2021-12-10 04:54:48 +02:00
Florian Walpen
bf2fa8d9d1 MAC/priority module for realtime privilege group
This is a MAC policy module that grants scheduling privileges based on
group membership.  Users or processes in the group realtime (gid 47) are
allowed to run threads and processes with realtime scheduling priority.
For timing-sensitive, low-latency software like audio/jack, running with
realtime priority helps to avoid stutter and gaps.

PR:	239125
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D33191
2021-12-04 20:19:25 +02:00
Brooks Davis
cfe7aad9c3 Create and use a tests group for the tests user.
No user (except nobody) should be a member of the nobody group.

Reported by:	rgrimes
Reviewed by:	rgrimes
MFC after:	3 days
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24199
2020-03-27 16:05:37 +00:00
Baptiste Daroussin
45a13fd899 Move back group, master.passwd and shells to etc directory
Use the .PATH mechanism instead so keep installing them from lib/libc/gen

While here revert 347961 and 347893 which are no longer needed

Discussed with:	manu
Tested by:	manu
ok manu@
2019-05-23 18:37:05 +00:00
Brad Davis
871b6b10ce Move master.passwd and group to lib/libc/gen/
libc was picked as the destination location for these because of the syscalls
that use these files as the lowest level place they are referenced.

Approved by:	will (mentor), rgrimes, manu
Differential Revision:	https://reviews.freebsd.org/D16728
2019-05-16 01:09:13 +00:00
Ian Lepore
3496c981ac Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.

This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.

Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.

Differential Revision:	https://reviews.freebsd.org/D16281
2018-07-19 23:55:29 +00:00
Marcelo Araujo
1cf38d9ef8 Fix regression introduced on r293801.
The UID/GID 93 is in using by jaber on PORTS, we will use
UID/GID 160 for ypldap(8).

Reported by:	antoine
Approved by:	bapt (mentor)
Differential Revision:	https://reviews.freebsd.org/D5062
2016-01-27 06:28:56 +00:00
Koop Mast
34c7eb57ed Add a new group named 'video' with the id of 44. And make drm create
devices in /dev/dri/ with this new group.

This will allow ports and users to more easily access to these devices
for OpenGL and OpenCL support.

Reviewed by:	dumbbell@
Approved by:	dumbbell@
Differential Revision:	https://reviews.freebsd.org/D1260
2015-08-09 12:58:56 +00:00
Rui Paulo
ec0e2ac611 Remove most of the ATF tools and the _atf user.
This is necessary because ATF is deprecated and it will be replaced by Kyua.

Submitted by:	jmmv@netbsd.org
Reviewed by:	Garrett Cooper
Approved by:	re
2013-10-12 06:06:53 +00:00
Dag-Erling Smørgrav
8f8790cdf4 Build and install the Unbound caching DNS resolver daemon.
Approved by:	re (blanket)
2013-09-15 14:51:23 +00:00
Marcel Moolenaar
c175365cec Add ATF to the build. This is may be a bit rought around the egdes,
but committing it helps to get everyone on the same page and makes
sure we make progress.

Tinderbox breakages that are the result of this commit are entirely
the committer's fault -- in other words: buildworld testing on amd64
only.

Credits follow:

Submitted by:	Garrett Cooper <yanegomi@gmail.com>
Sponsored by:	Isilon Systems
Based on work by:	keramida@
Thanks to:	gnn@, mdf@, mlaier@, sjg@
Special thanks to:	keramida@
2012-10-22 01:18:41 +00:00
Pawel Jakub Dawidek
3468e4ce38 Add 'hast' user and 'hast' group that will be used by hastd (and maybe hastctl)
to drop privileges.

MFC after:	1 week
2011-01-28 22:28:12 +00:00
Ceri Davies
3213dc8412 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
Robert Watson
cd573a850c Assign gid 77 to audit instead of gid 73. The ports group list did not
include '73', which was assigned in a ports passwd entry to ircservices.

Pointed out by:	ceri
2006-02-05 19:34:09 +00:00
Robert Watson
bbcf7c3697 Allocate an 'audit' group, membership in which will grant the audit
review right by virtue of read file permission on /var/audit and its
contents.

Obtained from:	TrustedBSD Project
2006-02-05 18:04:39 +00:00
Brooks Davis
7217408a65 Add _dhcp user/group as required by the OpenBSD dhclient. 2005-06-06 20:19:56 +00:00
Max Laier
8ee2ac9ef3 Add "privsep" user/group _pflogd:_pflogd (64:64) to make pflogd(8) work
again. This user/group is not required for install* targets, hence do not
add them to CHECK_UIDS/CHECK_GIDS in Makefile.inc1 (no need to annoy
people).

Discussed-on:	-current
2004-06-23 01:32:28 +00:00
Max Laier
be3e0526c2 Add trailing collon
Noticed by:	dwhite
Approved by:	bms(mentor)
2004-03-10 15:04:29 +00:00
Max Laier
8d69c48be5 Link pf to the build and install:
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.

This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.

For those who want to go without pf; it provides a NO_PF knob to make.conf.

__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.

Approved by:	bms(mentor)
2004-03-08 22:03:29 +00:00
Warner Losh
e50dfdc9ab xten isn't needed after tw is gone.
Approved by: re@ (scottl)
2003-04-27 05:49:53 +00:00
Robert Watson
190a0059cf Remove root from the 'guest' group: missed in a previous pass.
Spotted by:	jhb
2002-10-14 20:55:49 +00:00
Robert Watson
975819b705 Remove root from the kmem, sys, tty, and staff groups in the default
configuration.  Root privileges override DAC on local file systems and
therefore root does not generally need to be a member of a group to
access files owned by that group.  In the NFS case, require explicit
authorization for root to have these privileges.

Leave root in operator for dump/restore broadcast reasons; leave root
in wheel until discrepencies in the "no users in wheel means any user
can su" policy are resolved (possibly indefinitely).
2002-10-13 17:00:37 +00:00
Robert Watson
7b2c73b73d For consistency with other entries in group, don't put the daemon or
xten users in their groups explicitly--we pick that up from the gid
field in master.passwd.
2002-10-13 16:26:26 +00:00
Dag-Erling Smørgrav
04b681a999 Add an sshd user and group for the OpenSSH privilege separation code. 2002-06-23 20:41:06 +00:00
Gregory Neil Shapiro
ca8b9ed373 Add two new accounts/groups for sendmail:
smmsp - sendmail 8.12 operates as a set-group-ID binary (instead of
set-user-ID).  This new user/group will be used for command line
submissions.  UID/GID 25 is suggested in the sendmail documentation and has
been adopted by other operating systems such as OpenBSD and Solaris 9.

mailnull - The default value for DefaultUser is now set to the uid and gid
of the first existing user mailnull, sendmail, or daemon that has a
non-zero uid.  If none of these exist, sendmail reverts back to the old
behavior of using uid 1 and gid 1.  Currently FreeBSD uses daemon for
DefaultUser but I would prefer not to use an account used by other
programs, hence the addition of mailnull.  UID/GID 26 has been chosen for
this user.

This was discussed on -arch on October 18-19, 2001.

MFC after:	1 week
2001-11-17 21:24:45 +00:00
Andrey A. Chernov
92277380c8 Re-commit www:www
If anybody wants to remove them for some reason, please consider "pop"
removing first.

Approved by:	arch discussion from Oct 20
MFC after:	3 days
2001-10-25 03:27:16 +00:00
Sheldon Hearn
19aa5cdc3d Back previous revision out until it has been discussed on -arch and
motivated.  Currently, it is under dispute.
2001-10-18 16:53:20 +00:00
Andrey A. Chernov
913b0e4e95 Add www:www (80:80) for upcoming Apache changes 2001-10-17 13:21:53 +00:00
Peter Wemm
9b7a44a60e $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
Matthew Dillon
ac48aa416a Added group bind(53), added sandbox users tty(4), kmem(5), and bind(53),
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
    the (commented out) ident from the kmem sandbox.

    Note that it is necessary to give each group access it's own uid to
    prevent programs running under a single uid from being able to gdb
    or otherwise mess with other programs (with different group perms) running
    under the same uid.
1998-12-01 21:19:49 +00:00
Brian Somers
965066d630 Add Id keyword 1998-09-13 23:11:13 +00:00
Brian Somers
8a13ec3a33 ppp => network
As discussed on cvs-committers
1997-09-04 00:36:38 +00:00
Brian Somers
a393e39cdf Add group ppp (gid 69) 1997-08-31 20:13:38 +00:00
Jordan K. Hubbard
1ac310ddf7 Add mail group. 1997-05-02 00:06:09 +00:00
Poul-Henning Kamp
887d19ddb2 Move "dialer" to gid == 68. 1996-03-12 15:19:31 +00:00
Poul-Henning Kamp
43e028e062 Move user & group "xten" from [ug]id == 100 to 67.
This is less likely to collide with site policies.
1996-03-12 15:17:29 +00:00
Poul-Henning Kamp
41bdbea720 Remove ingres user. 1996-03-12 15:11:47 +00:00
Rodney W. Grimes
843f16dc76 nogroup 32766 -> 65533 to go with nobody's change to 65534. 1995-05-17 10:02:07 +00:00
Andrey A. Chernov
efc05b2bdd change nobody master.passwd entry to 65534:65534
change nobody group entry to 65534
Suggested-by: pst
1995-05-15 19:24:57 +00:00
Jordan K. Hubbard
29fb81664f Add xten user/group.
Submitted by:	Gene Stark <gene@starkhome.cs.sunysb.edu>
1995-04-18 02:03:59 +00:00
Andrey A. Chernov
62936ec704 Intruduce new group for uucp, gid 66 1994-05-31 04:36:30 +00:00
Jordan K. Hubbard
553a59314c As per Rod's wishes, man uses uid/gid 9 now. 1994-03-19 23:31:39 +00:00
Jordan K. Hubbard
5dfaa17305 Remove man group - no longer necessary (that was quick! :). I'll let Rod
pick the uid for the `man' user, since he staked a claim on that, but he'd
better not forget or the make install will break badly! :)
1994-03-19 22:45:04 +00:00
Jordan K. Hubbard
8f74b71719 Added a man group ID. 1994-03-18 11:45:49 +00:00
Rodney W. Grimes
0a0018c5ce >From: Andreas Schulz <ats@g386bsd.first.gmd.de>
Subject: failure in /usr/src/etc/group

The /usr/src/etc/group file is missing a colon in the line
"dialer:*:117" at the end.
1994-02-25 14:11:16 +00:00
Rodney W. Grimes
5db8869fd9 Removed bill and lynne from group file, this was a security hole in the
0.1 distribution, as they had accounts in the password file with out passwords,
and were in group wheel!
1993-07-19 18:56:42 +00:00
Rodney W. Grimes
1bf9d5d951 Initial import of 386BSD 0.1 othersrc/etc 1993-06-20 13:41:45 +00:00