Check: TOSS-04-020230
Tri-Lab Operating System Stack (TOSS) 4 STIG:
TOSS-04-020230
(in versions v2 r1 through v1 r1)
Title
All TOSS local interactive users must have a home directory assigned in the /etc/passwd file. (Cat II impact)
Discussion
If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
Check Content
Verify local interactive users on TOSS have a home directory assigned with the following command: $ sudo pwck -r user 'lp': directory '/var/spool/lpd' does not exist user 'news': directory '/var/spool/news' does not exist user 'uucp': directory '/var/spool/uucp' does not exist user 'www-data': directory '/var/www' does not exist Ask the System Administrator (SA) if any users found without home directories are local interactive users. If the SA is unable to provide a response, check for users with a User Identifier (UID) of 1000 or greater with the following command: $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd If any interactive users do not have a home directory assigned, this is a finding.
Fix Text
Assign home directories to all local interactive users on TOSS that currently do not have a home directory assigned.
Additional Identifiers
Rule ID: SV-252962r991589_rule
Vulnerability ID: V-252962
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |