From bd985b1959f0586b22ddfa6cadd4b6a7ac453257 Mon Sep 17 00:00:00 2001
From: Miha Purg
Date: Tue, 2 Dec 2025 21:45:43 +0100
Subject: [PATCH] Fix conditional in no_shelllogin_for_systemaccounts remediation

Fix for the conditional `$3 != root` in the awk command, which compared the UID field with an username. It worked as intended because it was comparing the UID of 0 against an undefined variable not the string "root".
---
 .../root_logins/no_shelllogin_for_systemaccounts/bash/shared.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/bash/shared.sh
index b493893440fd..f5db4eaf1d75 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/bash/shared.sh
@@ -4,7 +4,7 @@
 # complexity = low
 # disruption = medium
-readarray -t systemaccounts < <(awk -F: '($3 < {{{ uid_min }}} && $3 != root \
+readarray -t systemaccounts < <(awk -F: '($3 < {{{ uid_min }}} && $1 != "root" \
 && $7 != "\/sbin\/shutdown" && $7 != "\/sbin\/halt" && $7 != "\/bin\/sync") \
 { print $1 }' /etc/passwd)
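Review bot: The new test `$1 != "root"` on the added `readarray` line is not equivalent to what the old expression actually evaluated. As the commit message notes, `$3 != root` compared the UID with an unset awk variable, which in effect skipped every UID 0 entry, whereas the new condition skips only the entry literally named root. A UID 0 account under another name (a renamed root, or a second UID 0 entry) would now be collected into `systemaccounts`, and whatever the code after this hunk does with that array (it is outside the hunk; presumably a shell change, given the rule name) would then apply to a superuser account. If the previous behaviour is what is wanted, `$3 != 0` states it explicitly, and `$1 != "root" && $3 != 0` covers both cases. A comment above the command such as `# skip UID 0 and the shutdown/halt/sync pseudo-accounts` would record the intent, and the condition is worth checking against the rule's scan-side check so that detection and remediation select the same accounts.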