Detections
Analytics
RHEL-10-600020 - RHEL 10 must not assign an interactive login shell for system accounts.
Information
Ensuring shells are not given to system accounts upon login makes it more difficult for attackers to use system accounts.NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Configure RHEL 10 so that all noninteractive accounts on the system do not have an interactive shell assigned to them.If the system account needs a shell assigned for mission operations, document the need with the ISSO.
Run the following command to disable the interactive shell for a specific noninteractive user account:
Replace <user> with the user that has a login shell.
$ sudo usermod --shell /sbin/nologin <user>
Do not perform the steps in this section on the root account. Doing so will cause the system to become inaccessible.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: SYSTEM AND INFORMATION INTEGRITY
References: 800-53|SI-6a., CAT|II, CCI|CCI-002696, Rule-ID|SV-281168r1195416_rule, STIG-ID|RHEL-10-600020, Vuln-ID|V-281168
Plugin: Unix
Control ID: 0036c9ea680bbef8c171cffbce90d1780f10784764483ee888f4d92b852128cb