This built-in function ensures that each line in /etc/passwd has a valid format (e.g., seven fields separated by colon). If a line is malformed, it is reported and the check fails.

Having a malformed /etc/passwd file can break several user-management tools. It may also indicate a break-in or a bug in a custom user-management application. It may also show that someone attempted to add a user with an invalid name (in the past, it was popular to create a user named “toor:0:0” to obtain root privileges).

If the test is considered non-compliant, the administrator must remove or fix the offending lines from /etc/passwd.



name: "passwd_file_consistency"

description: "This check makes sure /etc/passwd is valid."