Skip to content

5.4.2.3 Ensure group root is the only GID 0 group

Audit#

Run the following command to verify no group other than root is assigned GID 0: 

# awk -F: '$3=="0"{print $1":"$3}' /etc/group
root:0

Remediation#

Run the following command to set the root group's GID to 0: 

# groupmod -g 0 root

Remove any groups other than the root group with GID 0 or assign them a new GID if appropriate.