Red Hat Bugzilla – Bug 10196
/etc/passwd, /etc/group contains too many default entries
Last modified: 2014-03-16 22:13:03 EDT
All these users should be installed by the corresponding package instead mail:x:8:12:mail:/var/spool/mail: news:x:9:13:news:/var/spool/news: uucp:x:10:14:uucp:/var/spool/uucp: gopher:x:13:30:gopher:/usr/lib/gopher-data: ftp:x:14:50:FTP User:/home/ftp: xfs:x:100:101:X Font Server:/etc/X11/fs:/bin/false gdm:x:42:42::/home/gdm:/bin/bash postgres:x:40:233:PostgreSQL Server:/var/lib/pgsql:/bin/bash squid:x:23:23::/var/spool/squid:/dev/null We already have a good few of these defined in NIS, with conflicting UIDs, GIDs and even home directories of course. The postinstall script should only add the user if needed, and use chown to fix things up. I'd rather live with the spurious warnings from "rpm -Va" than the chaos today. (We would have avoided the problem with ftp, since we don't need anonftp on Linux ;-) postgresql has a different bug as a bonus: GIDs (or UIDs) above 99 should never EVER be used by the OS -- those values are reserved for local use.
xfs, gdm, postgres, and squid are installed by the packages. As for postgres's GID ending up above 100, there was apparently a conflict when the package was installed; as of the current tree in rawhide, all conflicts should be resolved (except for user-added system IDs.) We can't remove users from the /etc/passwd and group provided by the setup package (to move them to other packages), becuase there's no way to propagate this on upgrades, as /etc/passwd and /etc/group are never replaced on upgrades.
Sorry about the red herrings. Even if it is impossible to fix it by upgrading the packages, it would be nice if it was changed for fresh installs (coordinated with changes in anonftp and inn, of course). Kjetil T. (very impressed by the quick turnaround again and again)