Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1062 | GEN001080 | SV-37380r1_rule | ECSC-1 | Low |
Description |
---|
To ensure the root shell is available in repair and administrative modes, the root shell must be located in the / file system. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2012-05-25 |
Check Text ( C-36067r1_chk ) |
---|
Determine if root's shell executable resides on a dedicated file system. Procedure: Find the location of the root user's shell # grep "^root" /etc/passwd|cut -d: -f7|cut -d/ -f2 The result is the top level directory under / where the shell resides (e.g., usr) Check if it is on a dedicated file system. # grep / If / |
Fix Text (F-31311r1_fix) |
---|
Change the root account's shell to one present on the / file system. Procedure: Edit /etc/passwd and change the shell for the root account to one present on the / file system (such as /bin/sh, assuming /bin is not on a separate file system). If the system does not store shell configuration in the /etc/passwd file, consult vendor documentation for the correct procedure for the system. |