6.2.7 Ensure all users' home directories exist (Scored)
Profile Applicability
Level 1 - Server
Level 1 - Workstation
Description
Users can be defined in /etc/passwd without a home directory or with a home directory that does not actually exist.
Rationale
If the user's home directory does not exist or is unassigned, the user will be placed in “/” and will not be able to write any files or have local environment variables set.
Audit
Run the following script and verify no results are returned:
#!/bin/bash
# Report accounts (UID >= 1000, excluding nfsnobody) whose home directory does not exist.
awk -F: '{ print $1 " " $3 " " $6 }' /etc/passwd | while read -r user uid dir; do
  if [ "$uid" -ge 1000 ] && [ ! -d "$dir" ] && [ "$user" != "nfsnobody" ]; then
    echo "The home directory ($dir) of user $user does not exist."
  fi
done
Remediation
If any users' home directories do not exist, create them and make sure the respective user owns the directory. Users without an assigned home directory should be removed or assigned a home directory as appropriate.
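One way to carry out this remediation, as an added example that is not part of the benchmark text: it separates accounts with a missing directory from accounts with no home assigned, and creates only the former. The function names, the MISSING/UNASSIGNED record format, the --report/--apply switches and the 0750 mode are assumptions of this example.

```shell
#!/bin/bash
# Added example (not benchmark text). Names, record format and mode 0750 are assumptions.

# find_missing_homes PASSWD_FILE
# Prints one record per affected account, same scope as the audit script:
#   MISSING:user:uid:gid:dir   home assigned but the directory is absent
#   UNASSIGNED:user:uid:gid:   home field is empty
find_missing_homes() {
    local passwd_file="${1:-/etc/passwd}" user _pw uid gid _gecos dir _shell
    while IFS=: read -r user _pw uid gid _gecos dir _shell; do
        # Skip system accounts and lines without a numeric UID.
        [ "$uid" -ge 1000 ] 2>/dev/null || continue
        [ "$user" != "nfsnobody" ] || continue
        if [ -z "$dir" ]; then
            echo "UNASSIGNED:$user:$uid:$gid:"
        elif [ ! -d "$dir" ]; then
            echo "MISSING:$user:$uid:$gid:$dir"
        fi
    done < "$passwd_file"
}

# remediate_missing_homes PASSWD_FILE
# Creates each missing directory owned by the account's UID and primary GID.
# Must run as root, because install -o/-g changes ownership.
remediate_missing_homes() {
    local status user uid gid dir
    find_missing_homes "$1" | while IFS=: read -r status user uid gid dir; do
        case "$status" in
            MISSING)
                install -d -m 0750 -o "$uid" -g "$gid" "$dir" &&
                    echo "created $dir for $user" ;;
            UNASSIGNED)
                # Administrator decision: remove the account or assign a home.
                echo "review: $user has no home directory assigned" >&2 ;;
        esac
    done
}

# Nothing runs unless asked: --report lists findings, --apply changes the system.
if [ "${1:-}" = "--apply" ]; then
    remediate_missing_homes /etc/passwd
elif [ "${1:-}" = "--report" ]; then
    find_missing_homes /etc/passwd
fi
```

Run it with --report first and review the output; accounts reported as UNASSIGNED are left untouched by --apply.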