From 2166e5da94ab1c04c56124c7c41b788a7d3d0172 Mon Sep 17 00:00:00 2001
From: Justin Partain
Date: Wed, 26 Oct 2016 20:08:02 -0500
Subject: [PATCH] =?UTF-8?q?adjusted.=20For=20test=20number=209234,=20added?= =?UTF-8?q?=20comments=20stating=20macOS=20doesn=E2=80=99t=20use=20/etc/pa?= =?UTF-8?q?sswd=20for=20normal=20users.=20macOS=20uses=20`opendirectoryd`?= =?UTF-8?q?=20as=20the=20backend=20for=20user=20management.=20So,=20`dscac?= =?UTF-8?q?heutil`=20is=20the=20recommended=20program=20to=20parse=20that?= =?UTF-8?q?=20information.=20I=20input=20a=20sample=20line=20as=20a=20comm?= =?UTF-8?q?ent=20in=20the=20test=20area.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 include/tests_authentication | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/include/tests_authentication b/include/tests_authentication
index 4e2e5bc6..15a91a0c 100644
--- a/include/tests_authentication
+++ b/include/tests_authentication
@@ -89,6 +89,7 @@
 LogText "Result: test skipped, ${PASSWD_FILE} file not available"
 fi
 LogText "Remarks: Non unique UIDs can riskful for the system or part of a configuration mistake"
+ LogText "Remarks: Non unique UIDs can be a risk for the system or part of a configuration mistake"
 fi
 #
 #################################################################################
@@ -274,6 +275,7 @@
 # Notes : AIX: 100+
 # HPUX: 100+
 # Mac OS X: needs to be improved (just reading passwd file is not enough)
+ # (NOTE: macOS doesn't have any user info in /etc/passwd, users are managed with opendirectoryd)
 # OpenBSD/NetBSD: unknown
 # Arch Linux / CentOS / Ubuntu: 1000+
 Register --test-no AUTH-9234 --weight L --network NO --category security --description "Query user accounts"
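Review bot: In the `@@ -89,6 +89,7 @@` hunk the original `LogText "Remarks: Non unique UIDs can riskful ..."` line is still present as context directly above the added line, so the test now writes the remark to the log twice, once with the typo. The diffstat (6 insertions, no deletions) confirms the corrected wording was added rather than substituted. Remove the old line and keep only `LogText "Remarks: Non unique UIDs can be a risk for the system or part of a configuration mistake"`. The surrounding `if` block starts outside the hunk.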
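Review bot: The comment added in the `@@ -274,6 +275,7 @@` hunk overstates the case by saying macOS has no user info in /etc/passwd, whereas the commit message only says it is not used for normal users. The file still exists on macOS and lists system accounts such as root, so an auditor should not read the note as "nothing to check there". Suggested wording: `# (NOTE: macOS keeps normal user accounts in Open Directory (opendirectoryd), not in /etc/passwd; the file only lists system accounts)`.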
@@ -312,6 +314,10 @@
 LogText "Solaris real users output (ID =0, or 100+, but not 60001/65534):"
 FIND=`${AWKBINARY} -F: '($3 >= 100 && $3 != 60001 && $3 != 65534) || ($3 == 0) { print $1","$3 }' /etc/passwd`
 ;;
+# "macOS")
+# LogText "macOS real users output (ID = 0, or 500-599)"
+# #NOTE# The specific line for using dscacheutil is:
+# # dscacheutil -q user | grep -A 3 -B 2 -e uid:\ 5'[0-9][0-9]'
 *)
 # Want to help improving Lynis? Determine what user IDs belong to normal user accounts
 ReportException "${TEST_NO}:1" "Can not determine user accounts"
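Review bot: The sample `grep -e uid:\ 5'[0-9][0-9]'` in the commented-out macOS branch does not select what the `LogText` line above it describes. The pattern is unanchored, so it also matches longer UIDs that merely begin with 5xx, it never matches UID 0, and the 500-599 ceiling would skip accounts created with a higher UID, so an audit built on it could under-report accounts. It also prints raw dscacheutil record context instead of the `name,uid` pairs the Solaris branch stores in `FIND`. When the branch is enabled, something like `FIND=\`dscacheutil -q user | ${AWKBINARY} '$1 == "name:" { n = $2 } $1 == "uid:" && ($2 == 0 || $2 >= 500) { print n","$2 }'\`` would keep the output consistent; the lower bound is an assumption to confirm. Until then macOS still reaches `*)` and raises the exception; the `case` statement starts outside the hunk.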