On 24/01/18 21:05, Dan White wrote:
"superusers should be root, admin or administrator"
Are you sure it shouldn't be "superusers should *NOT* be root, admin
or administrator" ?
You are correct, the superuser should not be root, admin nor administrator.
I changed mine from "root" to "grub.root",
made sure the full hash was in /etc/grub.d/01_users,
re-ran grub2-mkconfig
and then the oscap scan passed.
I can say for certain that the superuser should not be "root"
What else shouldn't it be ?
Current check only cares about the users mentioned above.
--
Watson Sato
Security Technologies | Red Hat, Inc
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
