Title

All local interactive user accounts, upon creation, must be assigned a home directory. (Cat II impact)

Discussion

If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.

Check Content

Verify all local interactive users on the Ubuntu operating system are assigned a home directory upon creation. Check to see if the system is configured to create home directories for local interactive users with the following command: # grep -i create_home /etc/login.defs CREATE_HOME yes If the value for "CREATE_HOME" parameter is not set to "yes", the line is missing, or the line is commented out, this is a finding.

Fix Text

Configure the Ubuntu operating system to assign home directories to all new local interactive users by setting the "CREATE_HOME" parameter in "/etc/login.defs" to "yes" as follows. CREATE_HOME yes

Additional Identifiers

Rule ID: SV-215005r610931_rule

Vulnerability ID: V-215005

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.