======6.2.17 Ensure no duplicate GIDs exist (Scored)======

=====Profile Applicability=====

<code>
Level 1 - Server
Level 1 - Workstation
</code>

=====Description=====

Although the ''groupadd'' program will not let you create a duplicate Group ID (GID), it is possible for an administrator to manually edit the ''/etc/group'' file and change the GID field.

=====Rationale=====

User groups must be assigned unique GIDs for accountability and to ensure appropriate access protections.

=====Audit=====

Run the following script and verify no results are returned:

<Code:bash>
#!/bin/bash

# Count how often each GID (field 3 of /etc/group) occurs.
cat /etc/group | cut -f3 -d":" | sort -n | uniq -c | while read x ; do
  [ -z "${x}" ] && break
  # Split "<count> <gid>" into $1 (count) and $2 (gid).
  set - $x
  if [ "$1" -gt 1 ]; then
    # Collect the names of all groups that share this GID.
    groups=$(awk -F: '($3 == n) { print $1 }' n="$2" /etc/group | xargs)
    echo "Duplicate GID ($2): ${groups}"
  fi
done
</Code>

=====Remediation=====

Based on the results of the audit script, establish unique GIDs and review all files owned by the shared GID to determine which group they are supposed to belong to.

=====Notes=====

You can also use the ''grpck'' command to check for other inconsistencies in the ''/etc/group'' file.

ubuntu1604/6/2/17.txt Last modified: 2017/05/04 15:02 by Piotr Kłoczewski
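To support the remediation review described above, the following added example (not part of the benchmark text) reports, for each duplicate GID, the group names, the accounts using it as primary group, and the files that carry it. It goes slightly beyond the audit script by comparing GIDs numerically; the function names and the ''--report'' switch are assumptions of this example.

```shell
#!/bin/bash
# Added example (not part of the benchmark text). Function names are
# illustrative; file paths are parameters so copies can be checked safely.

# Print "<gid> <name1>,<name2>,..." for every GID used by more than one group.
dup_gids() {
  awk -F: 'NF >= 3 && $3 ~ /^[0-9]+$/ {
      gid = $3 + 0   # compare numerically so "0050" and "50" count together
      if (gid in names) { names[gid] = names[gid] "," $1 } else { names[gid] = $1 }
      count[gid]++
    }
    END { for (g in count) if (count[g] > 1) print g, names[g] }' "$1" | sort -n
}

# Print accounts in a passwd-format file ($2) whose primary GID is $1.
primary_members() {
  awk -F: -v gid="$1" '$4 == gid { print $1 }' "$2"
}

# List files under directory $2 that carry numeric GID $1 (one filesystem only).
files_with_gid() {
  find "$2" -xdev -gid "$1" -print 2>/dev/null
}

# Triage report: group file, passwd file and search root default to the live system.
report() {
  r_group=${1:-/etc/group}
  r_passwd=${2:-/etc/passwd}
  r_root=${3:-/}
  dup_gids "$r_group" | while read -r gid names; do
    echo "GID $gid shared by: $names"
    echo "  primary members: $(primary_members "$gid" "$r_passwd" | xargs)"
    echo "  files with GID $gid under $r_root:"
    files_with_gid "$gid" "$r_root" | sed 's/^/    /'
  done
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--report" ]; then
  report
fi
```

Run it with ''--report'' as root so that ''find'' can read every directory; no output means no duplicate GIDs were found.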