Is it safe to remove/change system user account on Red Hat Enterprise Linux ?
Issue
- Is it safe to remove system users (user accounts having a UID less than 500 for RHEL 6 and below and less than 1000 for RHEL 7 and above) in order to "harden" the servers?
- Is it OK to change the primary group of system users?
- Need to identify unused system accounts for deletion as per security requirements
- How to remove/delete/disable following default(standard) system user(s) accounts :
sync
,shutdown
,halt
,ftp
,gopher
,uucp
,operator
,pcap
(used by tcpdump), - To remove system account (users/groups) with GID(gid) equal to 0(zero)
- To disable system User/Group ID(s)
- To set the password expiry for the System owned IDs
Environment
- Red Hat Enterprise Linux all versions
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.