Ubuntu

Guest account: /etc/group and /etc/passwd files.

Asked by daniel CURTIS

Hi. I've a question regarding to the Guest account (system: Xubuntu 12.04 LTS). It is normal, that this entries appear in the '/etc/group' and '/etc/passwd' files?:

,-------[ /etc/group file ]
| guest-7IvY4k
| guest-8kLx7W
| (...)
`-------

,-------[ /etc/passwd file ]
| guest-7IvY4k:x:113:122:Guest,,,:/tmp/guest-7IvY4k:/bin/bash
| (...)
`-------

There is so many such entries in each of the files. Generally after every login as a Guest. I am most interested about '/bin/bash' in the '/etc/passwd' file. For me, there should be something like '/bin/nologin' or '/bin/false' etc., but then Guest - probably - will not be able to login, right?

So, it is a normal behavior?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
daniel CURTIS
Solved:
Last query:
Last reply:
Revision history for this message
Savio (abhijeet) said : 		#1

Guest account is enable via Lightdm display manager. It has nohing to do with linux user management.
And also Guest account is non-persistant means settings are not stored when you log-off .

Regards,
Savio

Revision history for this message
daniel CURTIS (anoda) said : 		#2

Hi Savio. Yes, you're right - Guest settings are not stored after logging out. I also asked a question about this 'non-saving' settings and Guest account[1]. I know, that Guest account is enabled via Lightdm DM and it is protected by AppArmor etc., but I would like to know if all settings, which were set in "normal" user acount, also relates to the Guest account. If not, this account, seems to be... insecure(?) - without iptables and other hardening options (luckily there is a AppArmor profile), but...

So, what is the truth?

_____________________
[1] https://answers.launchpad.net/ubuntu/+question/223761

Revision history for this message
Savio (abhijeet) said : 		#3

Hi,

All your firewall, user access control macnisham are build into your Linux kernel and lightdm is run above the kernel so all Linux security feature are build into guest account also. Don't worry.

Regards,
Savio

Revision history for this message
daniel CURTIS (anoda) said : 		#4

Hi, it seems that it is normal. Some info on this can be found in e.g. /var/log/kern.log file etc. Best regards.