Why do some usernames on FreeBSD start with an underscore?
There may be more than one case, but the one you point out was discussed in a mailing-list thread ISC DHCP Server port UID/GID question in 2008, where the _dhcp
user was known to be a special account (with different privileges from the daemon):
I noticed that, but I believe that that is a privilege separation
account that is used with the OpenBSD-version of the dhclient. Also, as
I pointed out, if this is usable, then why isn't the isc-dhcp-server
port using it instead of allocating a UID/GID for itself during the install?
Erik
Florent Thoumie wrote:
> On Jan 18, 2008 12:01 PM, Erik Van Benschoten <evanben at valleycomnet.com> wrote:
>> Greetings,
>>
>> Is there a specific reason that the port of the ISC's DHCP server does
>> not seem to have/use a registered UID/GID?
>
> Maybe because there's already _dhcp user (uid 65) in base?
Checking my FreeBSD 10 machine, I see another account, this one labeled clearly enough:
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
Further reading:
- Privilege Separated OpenSSH
OpenBSD 3.6 ChangeLog
- Have dhclient(8) fall back to user nobody if user _dhcp doesn't exist. Helps with upgrades.
- New _dhcp user and group for, funnily enough, the DHCP programs.
- Have dhclient(8) fall back to user nobody if user _dhcp doesn't exist. Helps with upgrades.
"user/group _pflogd:_pflogd" what's with the _ ? (freebsd-current mailing list, 2004)
pf not logging on 5.3-BETA3 ? (freebsd-pf mailing list, 2004)
Okay, have you guys read UPDATING? > 20040623: > pf was updated to OpenBSD-stable 3.5 and pflogd(8) is privilege > separated now. It uses the newly created "_pflogd" user/group > combination. If you plan to use pflogd(8) make sure to run > mergemaster -p or install the "_pflogd" user and group manually.