确保根路径完整性审核检查失败“/root/bin”不是目录

我在 kubernetes 中创建了一个工作节点并运行了审核检查

6.2.7 Ensure root PATH Integrity

/root/bin is not a directory

[rocky@worker-1 ~]$ ./cistest.sh ## Running Audit check 
/root/bin is not a directory

[rocky@worker-1 ~]$  sudo -Hiu root env | grep PATH
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

cistest.sh：

#!/bin/bash
RPCV="$(sudo -Hiu root env | grep '^PATH=' | cut -d= -f2)"
echo "$RPCV" | grep -q "::" && echo "root's path contains a empty directory (::)"
echo "$RPCV" | grep -q ":$" && echo "root's path contains a trailing (:)"
for x in $(echo "$RPCV" | tr ":" " "); do
 if [ -d "$x" ]; then
   ls -ldH "$x" | awk '$9 == "." {print "PATH contains current working directory (.)"}
   $3 != "root" {print $9, "is not owned by root"}
   substr($1,6,1) != "-" {print $9, "is group writable"}
   substr($1,9,1) != "-" {print $9, "is world writable"}'
 else
   echo "$x is not a directory"
 fi
done

[rocky@worker-1 ~]$ cat /etc/redhat-release
Rocky Linux release 8.7 (Green Obsidian)

1. 在基于 Rocky Linux 的机器中通常如何创建

   /root/bin

   目录？
2. 哪个服务或哪个组件负责将

   /root/bin

   目录添加到 PATH 环境变量？
3. 如果未创建

   /root/bin

   ，我是否需要将其从 PATH 环境变量中删除，或者需要在具有所需权限的工作节点中创建

   /root/bin

   ，以便审核测试通过。

如果有人帮助我或澄清上述几点，那将非常有帮助。预先感谢！