Illegal login shells (UNIX)

Module: Account Integrity

This check reports user accounts with login shells that are not listed in the /etc/shells file. Use the check's name list to exclude users that are not already excluded by the Users to check option.

The following table lists the error messages for the check.

Table: Error messages for Illegal login shells

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_NOETCSHELL

Category: ESM Administrative Information

UNIX (5131)

Title: /etc/shells does not exist

Description: The file /etc/shells does not exist or is not a regular file. Symantec ESM uses this file to check shells on Solaris, HP-UX, and Linux operating systems. On Linux systems that lack this file, chsh(1) does not properly restrict the files that can be used as shells. You should create the /etc/shells file and list all valid shells in that file. Use full path names and list each shell on a new line.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_NOLOGIN_CFG

Category: ESM Administrative Information

UNIX (5132)

Title: /etc/security/login.cfg does not exist

Description: The file /etc/security/login.cfg does not exist. This file is used on AIX operating systems to provide configuration information for login and user authentication. Without this file, users can use unsecured passwords. You should recreate or restore this file immediately.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_NOSHELLS

Category: ESM Administrative Information

UNIX (5133)

Title: The 'shells' stanza is missing in login.cfg

Description: The shells stanza is missing from /etc/security/login.cfg. Symantec ESM uses this stanza to determine which shell can be used by each user account on AIX operating systems. Without this stanza, Symantec ESM cannot perform shell checking. You should add the shells stanza to /etc/security/login.cfg.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_NOTASHELL

Category: ESM Administrative Information

UNIX (5138)

Title: Shell is not in /etc/shells

Description: The shells for the listed accounts are not valid in /etc/shells. Account users may acquire privileges by accessing these shells. Either add the shells to /etc/shells or modify the account entries in /etc/passwd to point to valid shells in /etc/shells.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_NOTASHELL_AIX

Category: ESM Administrative Information

UNIX (5139)

Title: Shell is not in /etc/security/login.cfg

Description: The shells for the listed accounts are not valid in /etc/security/login.cfg. Account users may acquire privileges by accessing these shells. Either add the shells to /etc/security/login.cfg or modify the account entries in /etc/passwd to point to valid shells in /etc/security/login.cfg.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_ETC_SHELLS_EMPTY

Category: ESM Administrative Information

UNIX (5175)

Title: /etc/shells file has no shell entries

Description: There are no shells listed in the /etc/shells file. Symantec ESM uses this file to determine which shells can be used by each user account on Solaris, HP-UX, and Linux operating systems. When this file is empty, Symantec ESM cannot perform shell checking. You should list all valid shells in this file.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]
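
The comparison this check performs on Solaris, HP-UX, and Linux can be reproduced by hand. The following is an added example, not Symantec ESM code: it mirrors the three /etc/shells conditions in the table (file missing, file empty, shell not listed) and the name-list exclusion. The function names and sample data are constructed for illustration, and the AIX login.cfg case is not covered.

```python
# Constructed sample data for the demonstration (not taken from a real host).
SAMPLE_SHELLS = """\
# /etc/shells: valid login shells
/bin/sh
/bin/bash
/usr/sbin/nologin
"""
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/home/bob/bin/myshell
svc:x:1002:1002:Service:/srv/svc:/opt/app/bin/menu
carol:x:1003:1003:Carol:/home/carol:
"""

def parse_shells(text):
    """Return the set of full-path shells, ignoring comments and blank lines."""
    shells = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("/"):  # only full path names count as entries
            shells.add(line)
    return shells

def audit_login_shells(passwd_text, shells_text, exclude=()):
    """Return (condition, account, shell) findings.

    shells_text=None stands for a shells file that does not exist.
    exclude plays the role of the check's name list.
    """
    if shells_text is None:
        return [("shells file does not exist", None, None)]
    valid = parse_shells(shells_text)
    if not valid:
        return [("shells file has no shell entries", None, None)]
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) != 7:
            continue  # skip comments and malformed entries
        user, shell = fields[0], fields[6] or "/bin/sh"  # empty field means /bin/sh
        if user not in exclude and shell not in valid:
            findings.append(("shell is not in shells file", user, shell))
    return findings

if __name__ == "__main__":
    for finding in audit_login_shells(SAMPLE_PASSWD, SAMPLE_SHELLS, exclude={"svc"}):
        print(finding)
```

On a live system, pass the contents of /etc/passwd and /etc/shells as the two text arguments, and pass None for the second when the file is absent or is not a regular file.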