All user accounts must be configured to use a home directory that exists.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-216424 | SOL-11.1-070080 | SV-216424r603267_rule | Low |
| Description |
|---|
| If the user's home directory does not exist, the user will be placed in "/" and will not be able to write any files or have local environment variables set. |
| STIG | Date |
|---|---|
| Solaris 11 SPARC Security Technical Implementation Guide | 2022-11-18 |
Details
| Check Text ( C-17660r371360_chk ) |
|---|
| The root role is required. Check if a GUI is installed. Determine the OS version you are currently securing:. # uname –v For Solaris 11, 11.1, 11.2, and 11.3: # pkg info gdm # pkg info coherence-26 # pkg info coherence-27 If none of these packages are installed on the system, then no GUI is present. For Solaris 11.4 or newer: # pkg info gdm If gdm is not installed on the system, then no GUI is present. # pkg info uucp uucp is no longer installed by default starting in 11.4 and is deprecated. For all versions, check that all users' home directories exist. # pwck Accounts with no home directory will output "Login directory not found". If no GUI is present, then "gdm" and "upnp" accounts should generate errors. On all systems, with uucp package installed, the "uucp" and "nuucp" accounts should generate errors. If users' home directories do not exist, this is a finding. |
| Fix Text (F-17658r371361_fix) |
|---|
| The root role is required. Work with users identified in the check step to determine the best course of action in accordance with site policy. This generally means deleting the user account or creating a valid home directory. |