Bug 2218879 - The 'tss' account home directory '/dev/null/' causes issues for CIS 8 benchmark adherence
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: trousers
Version: 8.7
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: Štěpán Horáček
QA Contact: Vilém Maršík
Reported: 2023-06-30 11:44 UTC by Pranav Lawate
Modified: 2023-07-01 07:27 UTC

Type: Bug
Links

| System | ID | Private | Priority | Status | Summary | Last Updated |
|---|---|---|---|---|---|---|
| Red Hat Issue Tracker | RHELPLAN-161327 | 0 | None | None | None | 2023-06-30 11:45:40 UTC |
| Red Hat Knowledge Base (Solution) | 6625061 | 0 | None | None | None | 2023-06-30 11:46:02 UTC |

Description Pranav Lawate 2023-06-30 11:44:50 UTC
Description of problem:
========================

* The home directory of tss account is /dev/null
  This causes issues with CIS 8 benchmarking

Version-Release number of selected component (if applicable):
========================

* RHEL 8.x, all versions
* This also exists in RHEL 7 and RHEL 9

How reproducible:
100% 

Steps to Reproduce:
========================

1. Check the home directory for tss user


Actual results:
========================

* _tss_ user has `/dev/null` as home directory 
~~~
$ grep tss /etc/passwd
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
~~~

Expected results:
========================

* It could have been `/`, since `/sbin/nologin` is set anyway, but not `/dev/null`

Additional info:
========================

* The rationale specified for the compliance in CIS 8 benchmarking:
~~~
If the user's home directory does not exist or is unassigned, the user will be placed in "/"
and will not be able to write any files or have local environment variables set
~~~

* Benchmarking follows this script to find the 'tss' user and flags it as not compliant
~~~
grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read -r user dir; do
    if [ ! -d "$dir" ]; then
        echo "The home directory ($dir) of user $user does not exist."
    fi
done
~~~


* The explanation I found is:
~~~
tss account is used by the trousers package to sandbox the tcsd daemon.
trousers RPM is the part of OS installation.
tss account doesn't need a home directory, so the default value is /dev/null, which will not cause any issue.
In addition, because tss account doesn't need to login to the system, it has /sbin/nologin assigned.
~~~
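
Added example, not part of the original report or of the CIS benchmark text: the check quoted above, parameterised so the path that `which nologin` resolves to can be varied, run over constructed passwd lines. It assumes that on an affected host `which nologin` returns `/usr/sbin/nologin` (the report does not state this); `audit_homes` and `make_sample_passwd` are hypothetical names.

```shell
#!/bin/sh
# Added example: parameterised form of the home-directory audit from the report.
# audit_homes PASSWD_FILE NOLOGIN_PATH
#   Prints "user dir" for every account the check would flag.
audit_homes() {
    passwd_file=$1
    nologin_path=$2   # stands in for "$(which nologin)" in the original script
    grep -E -v '^(halt|sync|shutdown)' "$passwd_file" |
    awk -F: -v nl="$nologin_path" \
        '($7 != nl && $7 != "/bin/false") { print $1 " " $6 }' |
    while read -r user dir; do
        # /dev/null exists but is a character device, so the -d test is false.
        if [ ! -d "$dir" ]; then
            echo "$user $dir"
        fi
    done
}

# Constructed sample input; only the tss line is taken from the report.
make_sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/:/bin/bash
daemon:x:2:2:daemon:/:/usr/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
EOF
}

sample=$(mktemp)
make_sample_passwd > "$sample"

# Assumed resolution of "which nologin": the string compare against
# /sbin/nologin fails, so tss is not excluded and its home is tested.
echo "nologin resolved as /usr/sbin/nologin:"
audit_homes "$sample" /usr/sbin/nologin

# Same data, compare string equal to the tss shell field: tss is excluded.
echo "nologin resolved as /sbin/nologin:"
audit_homes "$sample" /sbin/nologin

rm -f "$sample"
```

The tss line is reported only when its shell field differs from the resolved nologin path, and it is then flagged because `/dev/null` is not a directory.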

