Give the NGINX User Account an Invalid Shell

>Draft CIS Benchmark 1.1.2

## Description
The `nginx `account must not be used as a regular login account, and should be assigned an invalid or `nologin `shell to ensure that the account cannot be used to login.

## Rationale
Service accounts such as the `nginx `account represent a risk if they can be used to get a login shell to the system.

## Remediation
Change the `nginx `account to use the `nologin `shell or an invalid shell such as `/dev/null`: ``` # chsh -s /sbin/nologin nginx ```

## Audit
Check the `nginx `login shell in the `/etc/passwd` file: ``` # grep nginx /etc/passwd ``` The `nginx `account shell must be `/sbin/nologin` or `/dev/null `similar to the following: ``` nginx:x:483:479:nginx user:/var/cache/nginx:/sbin/nologin ```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Give the NGINX User Account an Invalid Shell #2

Description

Rationale

Remediation

Audit

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Give the NGINX User Account an Invalid Shell #2

Description

Description

Rationale

Remediation

Audit

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions