All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file.

STIG ID: RHEL-08-010720  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-230320

Vulnerability Discussion

If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.

Check

Verify local interactive users on RHEL 8 have a home directory assigned with the following command:

$ sudo pwck -r

user 'lp': directory '/var/spool/lpd' does not exist
user 'news': directory '/var/spool/news' does not exist
user 'uucp': directory '/var/spool/uucp' does not exist
user 'www-data': directory '/var/www' does not exist

Ask the System Administrator (SA) if any users found without home directories are local interactive users. If the SA is unable to provide a response, check for users with a User Identifier (UID) of 1000 or greater with the following command:

$ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd

If any interactive users do not have a home directory assigned, this is a finding.

Fix

Assign home directories to all local interactive users on RHEL 8 that currently do not have a home directory assigned.