Which users are necessary on Unix/Linux?

I want to know which users are necessary for a Unix/Linux system. I found a doc which told me that there were three necessary users: root, bin, and daemon.

For the user bin and the user daemon, I still can’t understand what they are used for. Here is how the doc described them:

Notes: The bin User ID/Group ID is included for compatibility with
legacy applications. New applications should no longer use the bin
User ID/Group ID.
The daemon User ID/Group ID was used as an
unprivileged User ID/Group ID for daemons to execute under in order to
limit their access to the system. Generally daemons should now run
under individual User ID/Group IDs in order to further partition
daemons from one another.

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

What are the bin and daemon users used for?

First, note that the document you’re referring to is the Linux Standard Base, and it lists requirements for systems to be considered LSB-compliant, not for them to be viable in general.

A long time ago, dæmons ran as root. This was eventually considered to be undesirable, since it meant that any dæmon could do anything it wanted in the system. So the daemon user was introduced: dæmons ran as user daemon, so they were limited to what that user could do.

The reasons for bin are in a similar vein, and have been obsolete for thirty years

Nowadays, as mentioned in the LSB, they are only present for legacy reasons, i.e. to be able to run ancient software which assumes those users are present. Current software doesn’t need them.

What users are necessary on a Linux/Unix system?

The short answer to that is, whatever users are used by the system.

However, all Linux and Unix-style systems have policies which specify that a certain baseline can be assumed. This includes default system users and groups; see for example Debian Policy (which defines the framework) and the master list of Debian system users. Any Debian package can assume that those users are present: Policy specifies that they are

the same on every Debian system

(although Debian Policy is descriptive, not normative, it does set up a number of assumptions which the rest of Debian relies on).

So you can in theory remove any user and group which your system doesn’t currently use; however that may cause future breakage, as you install new packages or upgrade existing ones. (Admittedly, this is highly unlikely for bin and daemon.)

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply