Amazon Linux 2023 must insure all interactive users have a primary group that exists.

STIG ID: AZLX-23-002480  |  SRG: SRG-OS-000104-GPOS-00051 |  Severity: medium (CAT II)  |  CCI: CCI-000764,CCI-000804,CCI-000135 |  Vulnerability Id: V-274159

Vulnerability Discussion

If a user is assigned the group identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.

Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPOS-00020

Check

Verify Amazon Linux 2023 interactive users have a valid GID with the following command:

$ sudo pwck -qr

If the system has any interactive users with duplicate GIDs, this is a finding.

Fix

Configure Amazon Linux 2023 so that all GIDs are referenced in "/etc/passwd" are defined in "/etc/group".

Edit the file "/etc/passwd" and ensure that every user's GID is a valid GID.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.