UCF STIG Viewer Logo

All GIDs referenced in the /etc/passwd file must be defined in the /etc/group file.


Overview

Finding ID Version Rule ID IA Controls Severity
V-226447 GEN000380 SV-226447r603265_rule Low
Description
If a user is assigned the GID of a group not existing on the system, and a group with the same GID is subsequently created, the user may have unintended rights to the group.
STIG Date
Solaris 10 SPARC Security Technical Implementation Guide 2020-12-04

Details

Check Text ( C-28608r482708_chk )
Perform the following to ensure there are no GIDs referenced in /etc/passwd not defined in /etc/group.
# logins -o | awk -F: '$3 == ""'
If any lines are returned, there are GIDs referenced in /etc/passwd that are not defined in /etc/group, this is a finding.
Fix Text (F-28596r482709_fix)
Add a group to the system for each GID referenced that does not have a corresponding group.

#/usr/sbin/groupadd < group >