RHEL 9 groups must have unique Group ID (GID).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-258061	RHEL-09-411110	SV-258061r958482_rule		Medium

Description

To ensure accountability and prevent unauthenticated access, groups must be identified uniquely to prevent potential misuse and compromise of the system.

STIG	Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide	2025-05-14

Details

Check Text (C-61802r926168_chk)

Verify that RHEL 9 contains no duplicate GIDs for interactive users with the following command:

$ cut -d : -f 3 /etc/group | uniq -d

If the system has duplicate GIDs, this is a finding.

Fix Text (F-61726r926169_fix)

Edit the file "/etc/group" and provide each group that has a duplicate GID with a unique GID.