src/etc/group, branch stable/13 FreeBSD source tree etc: remove leftover leading empty comments, blank lines 2023-08-26T18:20:25+00:00 Mike Karels karels@FreeBSD.org 2023-08-22T18:03:28+00:00 b67a8f006d3c35062c506b2cf575eb55798493b6 Remove leftover empty leading comments/blank lines that had been spacers between $FreeBSD$ and the following content in config files in src/etc. Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D41548 (cherry picked from commit 9d6049d5da8ce70b3f815431bdedcee9c04f60cc) 
Remove leftover empty leading comments/blank lines that had been
spacers between $FreeBSD$ and the following content in config files
in src/etc.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D41548

(cherry picked from commit 9d6049d5da8ce70b3f815431bdedcee9c04f60cc)
Remove $FreeBSD$: one-line sh pattern 2023-08-23T17:43:30+00:00 Warner Losh imp@FreeBSD.org 2023-08-22T01:32:01+00:00 023fc80ee38a117fa65b2ccb2abf8bdc7dbd6fd9 Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/ Similar commit in main: (cherry picked from commit d0b2dbfa0ecf) 
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

Similar commit in main:
(cherry picked from commit d0b2dbfa0ecf)
Reserve u2f group for FIDO/U2F key support (SSH, etc.) 2023-03-21T15:59:07+00:00 Ed Maste emaste@FreeBSD.org 2022-02-18T18:13:20+00:00 df5bb849a6e80a287597fd08587a84e34257e726 We have FIDO/U2F support in the base system now, so reserve a group ID for it (maching the security/u2f-devd port). Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34341 (cherry picked from commit d0f1f38202c4176af277185a3b973098bb03fe6d) 
We have FIDO/U2F support in the base system now, so reserve a group ID
for it (maching the security/u2f-devd port).

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34341

(cherry picked from commit d0f1f38202c4176af277185a3b973098bb03fe6d)
Add idle priority scheduling privilege group to MAC/priority 2021-12-19T02:42:51+00:00 Florian Walpen dev@submerge.ch 2021-12-10T01:35:38+00:00 30c3a5f24825a8180ec18adb2921457436b3eb08 (cherry picked from commit a9545eede43b8fac889f3ec3180f5917f0d0b0ea) 
(cherry picked from commit a9545eede43b8fac889f3ec3180f5917f0d0b0ea)
MAC/priority module for realtime privilege group 2021-12-19T02:42:51+00:00 Florian Walpen dev@submerge.ch 2021-12-04T16:17:29+00:00 984b9d89f8396ef53af0ceddfbae549a8db3589e PR: 239125 (cherry picked from commit bf2fa8d9d11c9f2ceff09bacc406876fa37096be) 
PR:	239125

(cherry picked from commit bf2fa8d9d11c9f2ceff09bacc406876fa37096be)
Create and use a tests group for the tests user. 2020-03-27T16:05:37+00:00 Brooks Davis brooks@FreeBSD.org 2020-03-27T16:05:37+00:00 cfe7aad9c3bdbe3d859d43b40ed9203821219c3c No user (except nobody) should be a member of the nobody group. Reported by: rgrimes Reviewed by: rgrimes MFC after: 3 days Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D24199 
No user (except nobody) should be a member of the nobody group.

Reported by:	rgrimes
Reviewed by:	rgrimes
MFC after:	3 days
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24199
Move back group, master.passwd and shells to etc directory 2019-05-23T18:37:05+00:00 Baptiste Daroussin bapt@FreeBSD.org 2019-05-23T18:37:05+00:00 45a13fd89987533add2888ed3cc093fab29e3bbc Use the .PATH mechanism instead so keep installing them from lib/libc/gen While here revert 347961 and 347893 which are no longer needed Discussed with: manu Tested by: manu ok manu@ 
Use the .PATH mechanism instead so keep installing them from lib/libc/gen

While here revert 347961 and 347893 which are no longer needed

Discussed with:	manu
Tested by:	manu
ok manu@
Move master.passwd and group to lib/libc/gen/ 2019-05-16T01:09:13+00:00 Brad Davis brd@FreeBSD.org 2019-05-16T01:09:13+00:00 871b6b10ce2f27a95f1113736f26a1a4d576d1b7 libc was picked as the destination location for these because of the syscalls that use these files as the lowest level place they are referenced. Approved by: will (mentor), rgrimes, manu Differential Revision: https://reviews.freebsd.org/D16728 
libc was picked as the destination location for these because of the syscalls
that use these files as the lowest level place they are referenced.

Approved by:	will (mentor), rgrimes, manu
Differential Revision:	https://reviews.freebsd.org/D16728
Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19T23:55:29+00:00 Ian Lepore ian@FreeBSD.org 2018-07-19T23:55:29+00:00 3496c981ac86b0541bdbc9a211f7847a97df008d Code analysis and runtime analysis using truss(8) indicate that the only privileged operations performed by ntpd are adjusting system time, and (re-)binding to privileged UDP port 123. These changes add a new mac(4) policy module, mac_ntpd(4), which grants just those privileges to any process running with uid 123. This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes them the owner of the /var/db/ntp directory, so that it can be used as a location where the non-privileged daemon can write files such as the driftfile, and any optional logfile or stats files. Because there are so many ways to configure ntpd, the question of how to configure it to run without root privs can be a bit complex, so that will be addressed in a separate commit. These changes are just what's required to grant the limited subset of privs to ntpd, and the small change to ntpd to prevent it from exiting with an error if running as non-root. Differential Revision: https://reviews.freebsd.org/D16281 
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.

This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.

Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.

Differential Revision:	https://reviews.freebsd.org/D16281
Fix regression introduced on r293801. 2016-01-27T06:28:56+00:00 Marcelo Araujo araujo@FreeBSD.org 2016-01-27T06:28:56+00:00 1cf38d9ef88e83245f5e0d546e636e98221ed4f4 The UID/GID 93 is in using by jaber on PORTS, we will use UID/GID 160 for ypldap(8). Reported by: antoine Approved by: bapt (mentor) Differential Revision: https://reviews.freebsd.org/D5062 
The UID/GID 93 is in using by jaber on PORTS, we will use
UID/GID 160 for ypldap(8).

Reported by:	antoine
Approved by:	bapt (mentor)
Differential Revision:	https://reviews.freebsd.org/D5062