All AlmaLinux OS 9 interactive users must have a primary group that exists.

STIG ID: ALMA-09-033130  |  SRG: SRG-OS-000104-GPOS-00051 |  Severity: medium |  CCI: CCI-000764 |  Vulnerability Id: V-269366

Vulnerability Discussion

If a user is assigned the Group Identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.

Check

Verify that all AlmaLinux OS 9 interactive users have a valid GID with the following command:

$ pwck -r /etc/passwd

If the system has any interactive users with a nonexistent primary group, this is a finding.

Fix

Configure the system so that all GIDs referenced in "/etc/passwd" are defined in "/etc/group".
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.