NAME¶
check-passwd - check for empty or duplicate system accounts.
DESCRIPTION¶
The check-passwd is a plugin run by the checksecurity command. It
scans the system password file, and looks for either duplicate accounts or
accounts without a password set. This is a plugin which is invoked by
checksecurity (8) if enabled.
CONFIGURATION¶
The check-passwd.conf file defines the configuration variables:
CHECK_PASSWORD_WARN_UIDS and CHECK_PASSWORD_WARN_DUPLICATES Each
is described below.
The CHECK_PASSWORD_WARN_EMPTY variable controls whether
this script will warn about accounts with empty passwords. Valid values are
TRUE or FALSE The CHECK_PASSWORD_WARN_UIDS variable
controls whether this script will warn about duplicate accounts sharing the
same UID within the passwords file. Valid values are TRUE or
FALSE
FILES¶
- /etc/checksecurity.conf
- Specifies whether this script is invoked
- /etc/checksecurity/check-passwd.conf
- The configuration file.