STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must initiate a session lock after a 15-minute period of inactivity for all connection types.

DISA Rule

SV-100127r1_rule

Vulnerability Number

V-89477

Group Title

SRG-OS-000029-GPOS-00010

Rule Version

VRAU-SL-000050

Severity

CAT II

CCI(s)

• CCI-000057 - The information system initiates a session lock after the organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Ensure the file exists and is owned by "root". If the file does not exist, use the following commands to create the file:

# touch /etc/profile.d/tmout.sh
# chown root:root /etc/profile.d/tmout.sh
# chmod 644 /etc/profile.d/tmout.sh

Edit the file "/etc/profile.d/tmout.sh" and add the following lines:

TMOUT=900
readonly TMOUT
export TMOUT
mesg n 2>/dev/null

Check Contents

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the TMOUT variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of TMOUT should be set to "900" seconds (15 minutes).

If the file does not exist, or the TMOUT variable is not set, this is a finding.

Vulnerability Number

V-89477

Documentable

False

Rule Version

VRAU-SL-000050

Severity Override Guidance

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the TMOUT variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of TMOUT should be set to "900" seconds (15 minutes).

If the file does not exist, or the TMOUT variable is not set, this is a finding.

Check Content Reference

M

Target Key

3459

Comments