So then the description should be updated from NOTE: It is recommended not to use common administrator account names like root, admin, or administrator for the grub2 superuser account.
to something like Do not use root, admin, or administrator for the grub2 superuser account. The check will fail. Would you agree ? Does an issue/bug need to be created for this to happen ? "Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us." Bill Waterson (Calvin & Hobbes) > On Jan 25, 2018, at 4:26 AM, Watson Yuuma Sato <ws...@redhat.com> wrote: > >> On 24/01/18 21:05, Dan White wrote: >> "superusers should be root, admin or administrator" >> >> Are you sure it shouldn't be "superusers should NOT be root, admin or >> administrator" ? > > You are correct, the superuser should not be root, admin nor administrator. >> >> I changed mine from "root" to "grub.root", >> made sure the full hash was in /etc/grub.d/01_users, >> re-ran grub2-mkconfig >> and then the oscap scan passed. >> >> I can say for certain that the superuser should not be "root" >> What else shouldn't it be ? > Current check only cares about the users mentioned above. > -- > Watson Sato > Security Technologies | Red Hat, Inc > _______________________________________________ > Open-scap-list mailing list > Open-scap-list@redhat.com > https://www.redhat.com/mailman/listinfo/open-scap-list
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list