Verify Permissions on Backup gshadow File
An XCCDF Rule
Description
To properly set the permissions of /etc/gshadow-
, run the command:
$ sudo chmod 0000 /etc/gshadow-
Rationale
The /etc/gshadow-
file is a backup of /etc/gshadow
, and as such,
it contains group password hashes. Protection of this file is critical for system security.
- ID
- xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_gshadow
- Severity
- Medium
- Updated
Remediation - Ansible
- name: Test for existence /etc/gshadow-
stat:
path: /etc/gshadow-
register: file_exists
tags:
- DISA-STIG-RHEL-09-232070
Remediation - Shell Script
chmod u-xwrs,g-xwrs,o-xwrt /etc/gshadow-