All interactive user home directories defined in the /etc/passwd file must exist.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-900 | GEN001460 | SV-64579r1_rule | Low |
| Description |
|---|
| If a user has a home directory defined that does not exist, the user may be given the / directory, by default, as the current working directory upon logon. This could create a Denial of Service because the user would not be able to perform useful tasks in this location. |
| STIG | Date |
|---|---|
| Oracle Linux 5 Security Technical Implementation Guide | 2020-02-25 |
Details
| Check Text ( C-52993r1_chk ) |
|---|
| Use pwck to verify assigned home directories exist. # pwck If any user's assigned home directory does not exist, this is a finding. |
| Fix Text (F-55175r1_fix) |
|---|
| If a user has no home directory, determine why. If possible, delete accounts without a home directory. If the account is valid, then create the home directory using the appropriate system administration utility or manually. For instance: mkdir directoryname; copy the skeleton files into the directory; chown accountname for the new directory and the skeleton files. Document all changes. |