UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The /etc/smbpasswd file must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1029 GEN006160 SV-64077r1_rule ECLP-1 Medium
Description
If the "smbpasswd" file is not owned by root, it may be maliciously accessed or modified, potentially resulting in the compromise of Samba accounts.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2015-06-05

Details

Check Text ( C-52491r1_chk )
Check the ownership of the "smbpasswd" file.

# ls -l /etc/samba/passdb.tdb /etc/samba/secrets.tdb

If the "smbpasswd" file is not owned by root, this is a finding.
Fix Text (F-54605r1_fix)
Use the chown command to configure the files maintained by smbpasswd.
For instance:
# chown root /etc/samba/passdb.tdb /etc/samba/secrets.tdb