You are here: Compliance Check Types > Unix Configuration > Built-In Checks > Permissions Management > accounts_without_home_dir

accounts_without_home_dir

This built-in function ensures that every user has a home directory. It passes if a valid directory is attributed to each user and fails otherwise. Note that home directory ownership or permissions are not tested by this check.

It is generally recommended that each user on a system have a home directory defined as some tools may need to read from it or write to it (for instance, sendmail checks for a ~/.forward file). If a user does not need to log in, a non-existent shell (e.g., /bin/false) should be defined instead. On many systems, a user with no home directory will still be granted login privileges but their effective home directory is /.

Usage

<item>

name: "accounts_without_home_dir"

description: "This check reports user accounts that do not have home directories."

</item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.