All SUSE operating system local interactive user accounts, upon creation, must be assigned a home directory.

STIG ID: SLES-12-010720  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-217171

Vulnerability Discussion

If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.

Check

Verify all SUSE operating system local interactive users on the system are assigned a home directory upon creation.

Check to see if the system is configured to create home directories for local interactive users with the following command:

# grep -i create_home /etc/login.defs
CREATE_HOME yes

If the value for "CREATE_HOME" parameter is not set to "yes", the line is missing, or the line is commented out, this is a finding.

Fix

Configure the SUSE operating system to assign home directories to all new local interactive users by setting the "CREATE_HOME" parameter in "/etc/login.defs" to "yes" as follows.

CREATE_HOME yes