STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-217135r603262_rule
V-217135
SRG-OS-000123-GPOS-00064
SLES-12-010330
CAT II
10
Configure the SUSE operating system to never automatically remove or disable emergency administrator accounts.
Replace "[Emergency_Administrator]" in the following command with the correct emergency administrator account. Run the following command as an administrator:
# sudo chage -I -1 -M 99999 [Emergency_Administrator]
Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled.
Note: Root is typically the "account of last resort" on a system and is also used as the example emergency administrator account. If another account is being used as the emergency administrator account, the command should be used against that account.
Check to see if the root account password or account expires with the following command:
# sudo chage -l [Emergency_Administrator]
Password expires:never
If "Password expires" or "Account expires" is set to anything other than "never", this is a finding.
V-217135
False
SLES-12-010330
Verify the SUSE operating system is configured such that emergency administrator accounts are never automatically removed or disabled.
Note: Root is typically the "account of last resort" on a system and is also used as the example emergency administrator account. If another account is being used as the emergency administrator account, the command should be used against that account.
Check to see if the root account password or account expires with the following command:
# sudo chage -l [Emergency_Administrator]
Password expires:never
If "Password expires" or "Account expires" is set to anything other than "never", this is a finding.
M
4033