adduser: The user `backup' already exists. (Debian)

[MannDude]

NOTE: Thread and posts were edited. Originally I was using the host-name 'demo' in this thread as a representation of my error, and not my real hostname. Turns out the user I was actually using is a 'feature' of Debian and supposed to be there.... Source: http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s-faq-os-users

So, just deployed a new VPS for backups of backups and while doing the normal 'just got a VPS, locking down' stuff I ran into something I've not seen before.


root@backup:~# adduser backup
adduser: The user `backup' already exists.

I've not added that user. Quick Google search didn't yield an immediate answer.

Is it normal for the hostname of the VPS to be added as a user?

Furthermore, I've tried to login to the VPS using the user 'backup'. Using the root password I was not able to login to my VPS. I used both the root password dispatched to me with the server, as well as the password I used when I changed the root password upon login.

Is this normal?

 

[NodeBytes]

What happens when you change the password for demo?

 

[MannDude]

What happens when you change the password for demo?

It works without error:

root@backup:~# passwd backup


Enter new UNIX password:


Retype new UNIX password:


passwd: password updated successfully

I can SSH using the 'backup' user afterwards, with the updated password.

I'm just wondering why the user already existed. And if the password for this user wasn't the root password (neither the original password or the updated root password), if there was a password for this user that was simply unknown to me? Or was it just a automatically created user that could never be used to access the server unless you specifically assigned a password to it?

 

[NodeBytes]

None of my servers have a "demo" account. All Debian/Ubuntu based.

 

[MannDude]

None of my servers have a "demo" account. All Debian/Ubuntu based.

The username isn't actually 'demo'. I just didn't want to post the actual hostname. But it's not something I would expect a default minimal Debian install to include.

EDIT: See my edited first post. The actual hostname was 'backup', which is supposed to exist according to Debian documentation.

 

[scv]

Do a fresh install and check /etc/passwd immediately after logging in?

 

[MannDude]

Do a fresh install and check /etc/passwd immediately after logging in?

This is my bash history (minus a couple typos). The first thing I do when I login to any new VPS is change the root password.

passwd
apt-get update && apt-get upgrade -y
apt-get install nano
nano /etc/ssh/sshd_config
service ssh restart
apt-get remove apache* bind9* sasl* samba* sendmail* exim*
wget -O /dev/null - http://cachefly.cachefly.net/100mb.test
df -h
apt-get install htop
htop
cat /proc/cpuinfo
dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync
adduser backup
hostname
passwd backup
adduser newuser
cat /etc/issue
history -w ~/history.txt

 

[MannDude]

Well, Debian 7 wasn't an option from the order form, so was using Debain 6. I've just logged into SolusVM and have re-created the VPS with Debain 7...

Linux backup 2.6.32-042stab078.27 #1 SMP Mon Jul 1 20:48:07 MSK 2013 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

root@backup:~# passwd
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

root@backup:~# hostname
backup

root@backup:~# adduser backup
adduser: The user `backup' already exists.
root@backup:~#

 

[Quexis]

If your hostname (and subsequently, the user you're trying to add) is one of these, you're probably going to run into that.

 

[MannDude]

I'm an idiot.

The hostname was 'backup' (not 'demo', as used in this thread as an example), which is actually supposed to be part of the default Debian install as per Debian documentation here: http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s-faq-os-users

• backup: So backup/restore responsibilities can be locally delegated to someone without full root permissions.