/etc/passwd or /etc/groups, file system permissions always revert to 644

Document ID : KB000035792
Last Modified Date : 14/02/2018
Show Technical Document Details


Upon modifying a Unix user account with ControlMinder, the rights of the file /etc/passwd or /etc/groups, etc. change and set to 644.


Applies to all supported environments for ControlMinder on Unix or Linux


Although it might not be obvious, what you see in this case is expected behaviour and is working by design.


By default CM is resetting group and passwd file ownership and file access rights to root and 644 upon update of a user and/or group.
This behaviour is meant as security feature, e.g. if the file was "stolen" by some other user.

Anyway, you can switch off this behaviour if you negate the default values of these tokens in seos.ini in [passwd] section

Additional Information: