-
-
Notifications
You must be signed in to change notification settings - Fork 237
Expand file tree
/
Copy pathuser.yml
More file actions
86 lines (83 loc) · 1.67 KB
/
user.yml
File metadata and controls
86 lines (83 loc) · 1.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# User baseline for AMI build
# Checks that critical system and application users exist
# UIDs may vary between builds - only checking existence and basic properties
user:
# System users
root:
exists: true
home: /root
shell: /run/system-manager/sw/bin/bash
ubuntu:
exists: true
home: /home/ubuntu
shell: /bin/bash
nobody:
exists: true
shell: /run/system-manager/sw/bin/nologin
# PostgreSQL ecosystem
postgres:
exists: true
home: /var/lib/postgresql
shell: /bin/bash
pgbouncer:
exists: true
home: /home/pgbouncer
wal-g:
exists: true
home: /home/wal-g
# Supabase services
gotrue:
exists: true
home: /home/gotrue
postgrest:
exists: true
home: /home/postgrest
adminapi:
exists: true
home: /home/adminapi
kong:
exists: true
home: /home/kong
envoy:
exists: true
home: /home/envoy
nginx:
exists: true
home: /home/nginx
vector:
exists: true
home: /var/lib/vector
supabase-admin-agent:
exists: true
home: /home/supabase-admin-agent
# System service users
sshd:
exists: true
shell: /usr/sbin/nologin
messagebus:
exists: true
shell: /usr/sbin/nologin
systemd-network:
exists: true
shell: /usr/sbin/nologin
systemd-resolve:
exists: true
shell: /usr/sbin/nologin
systemd-timesync:
exists: true
shell: /usr/sbin/nologin
polkitd:
exists: true
shell: /usr/sbin/nologin
tcpdump:
exists: true
shell: /usr/sbin/nologin
_apt:
exists: true
shell: /usr/sbin/nologin
ec2-instance-connect:
exists: true
shell: /usr/sbin/nologin
salt:
exists: true
shell: /usr/sbin/nologin