UIDs reserved for system accounts must not be assigned to non-system accounts on AIX systems.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215195 | SRG-OS-000480-GPOS-00227 | AIX7-00-001036 | SV-215195r991589_rule | 2026-02-06 | 3 |
Description
Reserved UIDs are typically used by system software packages. If non-system accounts have UIDs in this range, they may conflict with system software, possibly leading to the user having permissions to modify system files.
ℹ️ Check
Check the UID assignments of all accounts using:
# more /etc/passwd
root:!:0:0::/root:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
nobody:!:4294967294:4294967294::/:
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
srvproxy:*:203:0:Service Proxy Daemon:/home/srvproxy:/usr/bin/ksh
esaadmin:*:7:0::/var/esa:/usr/bin/ksh
sshd:*:212:203::/var/empty:/usr/bin/ksh
doej:*:704:1776::/home/doej:/usr/bin/ksh
Confirm all accounts with a UID of 128 and below are used by a system account.
If a UID reserved for system accounts (0-128) is used by a non-system account, this is a finding.
✔️ Fix
Using the "usermod" command, change the UID numbers for non-system accounts with reserved UIDs (those less or equal to 128):
# usermod -u <uid> [user_name]