All interactive user home directories defined in the /etc/passwd file must exist.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-900 | GEN001460 | SV-38489r1_rule | ECSC-1 | Low |
| Description |
|---|
| If a user has a home directory defined that does not exist, the user may be given the / directory, by default, as the current working directory upon logon. This could create a Denial of Service because the user would not be able to perform useful tasks in this location. |
| STIG | Date |
|---|---|
| HP-UX 11.31 Security Technical Implementation Guide | 2013-06-27 |
Details
| Check Text ( C-36334r1_chk ) |
|---|
| Use pwck to verify assigned home directories exist. # pwck -s If any user's assigned home directory does not exist, this is a finding. |
| Fix Text (F-31589r1_fix) |
|---|
| If a user has no home directory, determine why. If possible, delete accounts without a home directory. If the account is valid, then create the home directory either manually or using the appropriate system administration utility. For instance: mkdir directoryname; copy the skeleton files into the directory; chown accountname for the new directory and the skeleton files. Document all changes. |