December 25, 20241 yr Sandfly Security flag 'named' as having a blank password. This is generally considered a security risk in l/unix. root@Tower:~# su - named -s /bin/bash named@Tower:/var/named$ whoami named named@Tower:/var/named$ pwd /var/named Dec 25 10:58:17 Tower su[3759388]: Successful su for named by root Dec 25 10:58:17 Tower su[3759388]: + /dev/pts/1 root:named Dec 25 10:58:17 Tower su[3759388]: pam_unix(su:session): session opened for user named(uid=53) by (uid=0) Dec 25 10:58:17 Tower su[3759388]: pam_unix(su:session): session closed for user named root@Tower:~# cat /etc/shadow root:$6$Q43A/Mx48qOeJgh237rJUFR38jFJ2190rthFDfh281jfjkmfg12921jhFRHF&h7hrjhfjh.:20049:0:99999:7::: bin:!:20068:0:99999:7::: daemon:!:20068:0:99999:7::: adm:!:20068:0:99999:7::: ftp:!:20068:0:99999:7::: named::9797:0::::: rpc:!:20068:0:99999:7::: sshd:!:20068:0:99999:7::: dhcpcd:!:20068:0:99999:7::: avahi:!:20068:0:99999:7::: avahi-autoipd:!:20068:0:99999:7::: messagebus:!:20068:0:99999:7::: nobody:!:20068:0:99999:7::: ntp:!:20068:::::: user:$6$8yJ5Cq7WCnDcqqgh$HNOUNZkOgjwiFJNjk2ofdkmFJH278wsjdfkFJdfhqwoDFNHhfiwhnfgFwrCCXEPNb/BCdthhFds.:20049::::::
January 23, 20251 yr Thank you for the report. 'named' is a pseudo-user used by 'bind'. First we don't use bind, it's really only included in Unraid OS for advanced users who might want to implement a DNS srever, and second, the shell is '/bin/false'. There are other such pseudo users, this is normal.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.