You must monitor existing user accounts and ensure that any unnecessary user accounts are removed.
Procedure
- ♦ Run the
host:~ # cat /etc/passwd
command and verify the minimal necessary user accounts:root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/dev/null:/bin/false daemon:x:6:6:Daemon User:/dev/null:/bin/false messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false systemd-network:x:76:76:systemd Network Management:/:/bin/false systemd-resolve:x:77:77:systemd Resolver:/:/bin/false systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false nobody:x:65534:65533:Unprivileged User:/dev/null:/bin/false apache:x:25:25:Apache Server:/srv/www:/bin/false sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false ntp:x:87:87:Network Time Protocol:/var/lib/ntp:/bin/false named:x:999:999::/var/lib/bind:/bin/false admin:x:1000:1003::/home/admin:/bin/bash postgres:x:1001:100::/var/vmware/vpostgres/14:/bin/bash mpuser:x:1002:1003::/home/mpuser:/sbin/nologin