An error occurred:

Check: GEN001440

SUSE Linux Enterprise Server v11 for System z STIG: GEN001440 (in versions v1 r12 through v1 r9)

Title

All interactive users must be assigned a home directory in the /etc/passwd file. (Cat III impact)

Discussion

If users do not have a valid home directory, there is no place for the storage and control of files they own.

Check Content

Use pwck to verify home directory assignments are present. # pwck If any user is not assigned a home directory, this is a finding.

Fix Text

Assign a home directory to any user without one. This can be accomplished using ‘/sbin/yast2 users’ > Edit > Details to modify the home directory of an existing user. Alternatively, the following command may be used: # usermod -d </home/directory> <username>

Additional Identifiers

Rule ID: SV-45010r1_rule

Vulnerability ID: V-899

Group Title: GEN001440

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000225

The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-6

Least Privilege