All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file.

STIG ID: RHEL-09-411060  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-258051

Vulnerability Discussion

If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.

Check

Verify that interactive users on the system have a home directory assigned with the following command:

$ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd

smithk:x:1000:1000:smithk:/home/smithk:/bin/bash
scsaustin:x:1001:1001:scsaustin:/home/scsaustin:/bin/bash
djohnson:x:1002:1002:djohnson:/home/djohnson:/bin/bash

Inspect the output and verify that all interactive users (normally users with a user identifier (UID) greater that 1000) have a home directory defined.

If users home directory is not defined, this is a finding.

Fix

Create and assign home directories to all local interactive users on RHEL 9 that currently do not have a home directory assigned.