Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Red Hat Enterprise Linux 7
System Settings
Account and Access Control
Protect Accounts by Restricting Password-Based Login
Accounts Authorized Local Users on the Operating System
Accounts Authorized Local Users on the Operating System
An XCCDF Value
Details
Profiles
Prose
Accounts Authorized Local Users on the Operating System
List the user accounts that are authorized locally on the operating system. This list includes both users requried by the operating system and by the installed applications. Depending on the Operating System distribution, version, software groups and applications, the user list is different and can be customized with scap-workbench. OVAL regular expression is used for the user list. The list starts with '^' and ends with '$' so that it matches exactly the username, not any string that includes the username. Users are separated with '|'. For example, three users: bin, oracle and sapadm are allowed, then the list is
^(bin|oracle|sapadm)$
. The user
root
is the only user that is hard coded in OVAL that is always allowed on the operating system.