multi-homing and pf; removing user with uid 0

[Lowell Gilbert]

Marc Cabanatuan <mcabanatuan at wi.rr.com> writes:

> This is somewhat of a multipart question and unrelated question.

Please try putting them in separate messages next time, then.

> Figured I would ask here since the host I have the box on isn't much
> help with anything, and when they do help they want to charge up the
> ass for it. I understand they need to make money too, but they end up
> breaking shit and not helping than anything...So here goes nothing.
> 
> Right now I've got a /27 and I am attemtpting to add 5 addresses of
> that adress block (ipv4) to the box as either seperate addreses (not
> aliases to the primary interface) or seperate addresses bound to
> sub-interfaces. So far I have been unsuccessful and the host told me
> to use aliases. I also wish for these settings to stay after (re)boot.
> Not to mention they say my firewall is the problem and they couldn't
> get out to the internet from root console (im using pf and have the
> rule of 'pass out all'.

What actually *happened* when you tried this?  

Did you remember to use all-ones netmasks?
Ref. FAQ: "How can I set up Ethernet aliases?"
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/networking.html#ETHERNET-ALIASES 

> Next thing, a second account just 'showed up' on the box with uid 0.
> 
> toor:*:0:0:Bourne-again Superuser:/root: - from /etc/master.passwd
> 
> I suspect it was techs from the host, but I want it off the machine.
> How do I do this?

It's completely standard, and while you can remove it like any other
account, there's no reason to.
Ref. FAQ: "What is this UID 0 toor account? Have I been compromised?"
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/security.html#TOOR-ACCOUNT