UCF STIG Viewer Logo

The root account must not be used for direct logins.


Overview

Finding ID Version Rule ID IA Controls Severity
V-226479 GEN001020 SV-226479r603265_rule Medium
Description
Direct login with the root account prevents individual user accountability. Acceptable non-routine uses of the root account for direct login are limited to emergency maintenance, the use of single-user mode for maintenance, and situations where individual administrator accounts are not available.
STIG Date
Solaris 10 SPARC Security Technical Implementation Guide 2022-09-07

Details

Check Text ( C-28640r482822_chk )
Check if the root is used for direct logins.

Procedure:
# last root | grep -v reboot

If any direct login records for root exist, this is a finding.

Verify the root user is configured as a role, rather than a normal user.

Procedure:
# egrep '^root:' /etc/user_attr

If the returned line does not include "type=role", this is a finding.
Fix Text (F-28628r482823_fix)
Convert the root user into a role.
# usermod -K type=role root

Add the root role to authorized users' logins.
# usermod -R root