← Rules Catalog
mediumaccess-controlverified

Ensure no duplicate UIDs exist in /etc/passwd

no-duplicate-uids · RHEL ≥ 8, UBUNTU ≥ 22 · 1 impl

Description

No duplicate user IDs (UIDs) must exist in /etc/passwd. Each user account must have a unique UID to ensure proper access control and audit trail accountability.

Rationale

Duplicate UIDs allow multiple accounts to operate with the same privileges. An attacker could exploit a duplicate UID to access another user's files and processes without knowing that user's credentials, undermining the principle of individual accountability.

Check → Remediate

Checkcommand
awk -F: '{print $3}' /etc/passwd | sort | uniq -d | head -1
Remediatemanual
note:
Identify duplicate UIDs with: awk -F: '{print $3}' /etc/passwd | sort | uniq -d For each duplicate, assign a unique UID using: usermod -u <new_uid> <username> Ensure all files owned by the old UID are updated accordingly.

Framework references

STIG

V-281172 / RHEL-10-600130V-258045 / RHEL-09-411030V-230371V-270720 / UBTU-24-400000V-260543 / UBTU-22-411015

NIST 800-53

IA-2AC-2

Live verification

rhel8:checkubuntu22:checkubuntu24:check
#users#uid#accountability#access-control