Post-installation checks
Post-installation checks are required to complete your STIG compliance.
Note: If you've install QRadar®
and RHEL from the QRadar ISO
image, the following checks might not be necessary.
Passwords restricted to 1-day minimum lifetime
Type the following command to check for any violations:
awk -F: '$4 >= 1 {print $1}' /etc/shadow
You must change the password-restriction setting for any non-system accounts or non-user accounts that are displayed.
Passwords restricted to 60-day maximum lifetime
Type the following command to check for any violations:
awk -F: '$5 >= 1 {print $1}' /etc/shadow
You must change the password-restriction setting for any non-system accounts or non-user accounts that are displayed.
Duplicate user IDs (UID)
Type the following command to check for duplicate user IDs:
pwck -rq
Accounts that are displayed are in violation of this rule.