Creating system users and system groups
Till Kamppeter
till.kamppeter at gmail.com
Thu Feb 2 14:18:24 UTC 2017
On 02/02/2017 08:19 AM, Oliver Grawert wrote:
> on a side note this is also not necessary, all your services can run as
> root thanks to confinement, the user will not matter since other
> processes can only access your services through interfaces that shield
> them. running as root is fine here ...
>
Did not kow about that. Interesting to know. Needs to be added to the docs.
The addition of "lpadmin" in CUPS serves for making users print queue
admins, as members of this group can add, modify, and delete print
queues. CUPS builds and runs without this group, making queue
administration root-only, but how will print queue administration work
then? How do I control who can do it and who not.
In DEB-based Ubuntu the first (and any admin) user is in the "lpadmin"
group and using the command line utilities of CUPS or printer setup
tools like system-config-printer he can add/modify/delete print queues
and also modify /etc/cups/cupsd.conf (but not /etc/cups/cups-files.conf)
without needing to enter a password.
avahi-daemon runs as the user "avahi" in the DEB package. By simple
./configure option manipulation (like setting system user to "root") I
did not yet get it to build without erroring out on missing "avahi"
user/group. Will check again, but perhaps here a system user/group is
needed. Perhaps one can hi-jack an existing one.
Till
More information about the Snapcraft
mailing list