Profile Applicability:
Level 1
Description:
Duplicate Group IDs (GIDs) can cause conflicts in group ownership and permissions, potentially leading to unauthorized access or privilege escalation.
Rationale:
Ensuring unique GIDs prevents ambiguity in group membership and access control, maintaining system security and integrity.
Impact:
Pros:
Ensures consistent group permissions and ownership.
Simplifies management and auditing of groups.
Cons:
Changing GIDs may disrupt access if not properly coordinated.
Default Value:
Duplicate GIDs may exist due to manual misconfiguration or system inconsistencies.
Pre-requisites:
Root or sudo privileges to review and modify group configurations.
Remediation:
Test Plan:
Using Linux command line:
List all GIDs and identify duplicates:
cut -d: -f3 /etc/group | sort | uniq -d
Verify that the output is empty, indicating no duplicates.
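The command above prints only the duplicated GID values. The following added example (not part of the benchmark text) also names the groups that share each GID and returns a non-zero status when any duplicate exists, so it can be used in a scheduled audit. The function names dup_gids and check_unique_gids and the sample group entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report each duplicated GID with the groups that share it.

# dup_gids [FILE]: FILE defaults to /etc/group; pass a path to audit a copy.
# Prints one line per duplicated GID: "<gid> <group1>,<group2>,..."
dup_gids() {
    awk -F: '
        # Field 1 is the group name, field 3 the GID; ignore malformed lines.
        $3 ~ /^[0-9]+$/ {
            count[$3]++
            names[$3] = (names[$3] == "" ? $1 : names[$3] "," $1)
        }
        END {
            for (gid in count)
                if (count[gid] > 1)
                    printf "%s %s\n", gid, names[gid]
        }
    ' "${1:-/etc/group}" | sort -n
}

# check_unique_gids [FILE]: returns 0 when every GID is unique, 1 otherwise.
check_unique_gids() {
    dups=$(dup_gids "$@")
    if [ -n "$dups" ]; then
        printf 'FAIL: duplicate GIDs found (gid groups):\n%s\n' "$dups" >&2
        return 1
    fi
    echo "PASS: all GIDs are unique"
}

# Constructed sample (not from a real host): "web" and "deploy" share GID 1001.
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:
wheel:x:10:ec2-user
web:x:1001:alice
deploy:x:1001:bob
EOF
check_unique_gids "$sample" || true
rm -f "$sample"
```

Run check_unique_gids with no argument to audit /etc/group on the host itself.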
Implementation Plan:
Using Linux command line:
For each duplicate GID found, change the GID to a unique value:
groupmod -g <new_gid> <groupname>
Update the group ownership of any files or directories that still carry the old GID so that they use the new GID.
Backout Plan:
Using Linux command line:
Restore original GIDs from backups if necessary.
Revert file and directory ownership as required.
References:
CIS Amazon Linux 2 Benchmark v3.0.0