Solved

What is the "/root/install.log.syslog" in linux?

Posted on 2007-04-04
4
1,471 Views
Last Modified: 2013-12-16
A user recently  brought my attention to the file "/root/install.log.syslog" in one of the linux boxes that I have partial responsibility.  This file contains the creation of numerous users and groups such as rpm, mailnull, apache, webalizer, and ntp to name a few.  My question is this:  Should I be worried about all of these users that seem to have been installed on the system during its initial configuration over a year ago?
0
Comment
Question by:accessint
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
sheetbird earned 125 total points
ID: 18852218
You shouldn't be too concerned. However check your /etc/passwd and /etc/shadow to make sure that these users can't login.  In /etc/passwd they should have a shell of /bin/false (or some other bogus shell) and /etc/shadow should have an * where the encrypted password should be.
0
 

Author Comment

by:accessint
ID: 18853357
Some of the users have two exclimation points instead of an asterisk.  Do you know what that means?
0
 
LVL 3

Expert Comment

by:sheetbird
ID: 18853427
I had never seen that before however I'm sure that depending on the distribution it could be different.  Really it just needs to be something that will never be resolved by crypt, but * or x or !! are used to make it easily identifiable by humans.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 18854307
install.log.syslog is a standard install log (on Redhat at least).  It will contain a list of all the users and packages that were added to the system as part of the install process.

There's nothing scary or unusual about it.
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question