STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

All SUSE operating system local interactive user home directories defined in the /etc/passwd file must exist.

DISA Rule

SV-234992r622137_rule

Vulnerability Number

V-234992

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

SLES-15-040080

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create home directories to all SUSE operating system local interactive users that currently do not have a home directory assigned. Use the following commands to create the user home directory assigned in "/etc/ passwd":

Note: The example will be for the user smithj, who has a home directory of "/home/smithj", a UID of "smithj", and a Group Identifier (GID) of "users assigned" in "/etc/passwd".

> sudo mkdir /home/smithj
> sudo chown smithj /home/smithj
> sudo chgrp users /home/smithj
> sudo chmod 0750 /home/smithj

Check Contents

Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.

Check the home directory assignment for all local interactive non-privileged users on the system with the following command:

> awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $6}' /etc/passwd

smithj /home/smithj

Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.

Check that all referenced home directories exist with the following command:

> sudo pwck -r

user 'smithj': directory '/home/smithj' does not exist

If any home directories referenced in "/etc/passwd" are returned as not defined, this is a finding.

Vulnerability Number

V-234992

Documentable

False

Rule Version

SLES-15-040080

Severity Override Guidance

Verify the assigned home directory of all SUSE operating system local interactive users on the system exists.

Check the home directory assignment for all local interactive non-privileged users on the system with the following command:

> awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $6}' /etc/passwd

smithj /home/smithj

Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.

Check that all referenced home directories exist with the following command:

> sudo pwck -r

user 'smithj': directory '/home/smithj' does not exist

If any home directories referenced in "/etc/passwd" are returned as not defined, this is a finding.

Check Content Reference

M

Target Key

5274

Comments