You must monitor existing user accounts and ensure that any unnecessary user accounts are removed.

Procedure

  • Run the host:~ # cat /etc/passwd command and verify the minimal necessary user accounts:
    root:x:0:0:root:/root:/bin/bash
    bin:x:1:1:bin:/dev/null:/bin/false
    daemon:x:6:6:Daemon User:/dev/null:/bin/false
    messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false
    systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false
    systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false
    systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false
    systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false
    systemd-network:x:76:76:systemd Network Management:/:/bin/false
    systemd-resolve:x:77:77:systemd Resolver:/:/bin/false
    systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false
    nobody:x:65534:65533:Unprivileged User:/dev/null:/bin/false
    sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false
    apache:x:25:25:Apache Server:/srv/www:/bin/false
    ntp:x:87:87:Network Time Protocol:/var/lib/ntp:/bin/false
    named:x:999:999::/var/lib/bind:/bin/false
    admin:x:1000:1003::/home/admin:/bin/bash
    postgres:x:1001:100::/var/vmware/vpostgres/9.6:/bin/bash