5.4.2.2 Ensure root is the only GID 0 account
Audit#
Run the following command to verify the root user's primary GID is 0, and no other user's have GID 0 as their primary GID:
Note: User's: sync, shutdown, halt, and operator are excluded from the check for other user's with GID 0Remediation#
Run the following command to set the root user's GID to 0:
Run the following command to set the root group's GID to 0:
Remove any users other than the root user with GID 0 or assign them a new GID if appropriate.