NAME¶
check-passwd - check for empty or duplicate system accounts.
SYNOPSIS¶
check-passwd
DESCRIPTION¶
The
check-passwd command scans the system password file, and looks for
either duplicate accounts or accounts without a password set. This is a plugin
which is invoked by
checksecurity (8) if enabled.
CONFIGURATION¶
The
check-passwd.conf file defines the configuration variables:
CHECK_PASSWORD_WARN_UIDS and
CHECK_PASSWORD_WARN_DUPLICATES Each
is described below.
The
CHECK_PASSWORD_WARN_EMPTY variable controls whether this script will
warn about accounts with empty passwords. Valid values are
TRUE or
FALSE The
CHECK_PASSWORD_WARN_UIDS variable controls whether
this script will warn about duplicate accounts sharing the same UID within the
passwords file. Valid values are
TRUE or
FALSE
FILES¶
- /etc/checksecurity.conf
- Specifies whether this script is invoked
- /etc/checksecurity/check-passwd.conf
- The configuration file.