All user accounts must be configured to use a home directory that exists.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-48105	SOL-11.1-070080	SV-60977r2_rule		Low

Description
If the user's home directory does not exist, the user will be placed in "/" and will not be able to write any files or have local environment variables set.

STIG	Date
Solaris 11 SPARC Security Technical Implementation Guide	2017-03-02

Details

Check Text ( C-50535r3_chk )
The root role is required. Check if a GUI is installed. # pkg info gdm # pkg info coherence-26 If neither package is installed on the system, then no GUI is present. Check that all users' home directories exist. # pwck Accounts with no home directory will output "Login directory not found". If no GUI is present, then "gdm" and "upnp" accounts should generate errors. On all systems, "uucp" and "nuucp" should generate errors. If users' home directories do not exist, this is a finding.

Check Text ( C-50535r3_chk )

The root role is required.

Check if a GUI is installed.

# pkg info gdm
# pkg info coherence-26

If neither package is installed on the system, then no GUI is present.

Check that all users' home directories exist.

# pwck

Accounts with no home directory will output "Login directory not found".

If no GUI is present, then "gdm" and "upnp" accounts should generate errors. On all systems, "uucp" and "nuucp" should generate errors.

If users' home directories do not exist, this is a finding.

Fix Text (F-51711r1_fix)
The root role is required. Work with users identified in the check step to determine the best course of action in accordance with site policy. This generally means deleting the user account or creating a valid home directory.