STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:SV-204470r603832_rule
V-204470
SRG-OS-000480-GPOS-00227
RHEL-07-020650
CAT II
10
Change the group owner of a local interactive user's home directory to the group found in "/etc/passwd". To change the group owner of a local interactive user's home directory, use the following command:
Note: The example will be for the user "smithj", who has a home directory of "/home/smithj", and has a primary group of users.
# chgrp users /home/smithj
Verify the assigned home directory of all local interactive users is group-owned by that user's primary GID.
Check the home directory assignment for all local interactive users on the system with the following command:
# ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)
-rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
Check the user's primary group with the following command:
# grep users /etc/group
users:x:250:smithj,jonesj,jacksons
If the user home directory referenced in "/etc/passwd" is not group-owned by that user's primary GID, this is a finding.
V-204470
False
RHEL-07-020650
Verify the assigned home directory of all local interactive users is group-owned by that user's primary GID.
Check the home directory assignment for all local interactive users on the system with the following command:
# ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)
-rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
Check the user's primary group with the following command:
# grep users /etc/group
users:x:250:smithj,jonesj,jacksons
If the user home directory referenced in "/etc/passwd" is not group-owned by that user's primary GID, this is a finding.
M
2899