STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must automatically terminate a user session after inactivity time-outs have expired or at shutdown.

DISA Rule

SV-100421r1_rule

Vulnerability Number

V-89771

Group Title

SRG-OS-000279-GPOS-00109

Rule Version

VRAU-SL-000960

Severity

CAT II

CCI(s)

• CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

10

Fix Recommendation

Ensure the file exists and is owned by "root". If the files does not exist, use the following commands to create the file:

# touch /etc/profile.d/tmout.sh
# chown root:root /etc/profile.d/tmout.sh
# chmod 644 /etc/profile.d/tmout.sh

Edit the file /etc/profile.d/tmout.sh, and add the following lines:

TMOUT=900
readonly TMOUT
export TMOUT
mesg n 2>/dev/null

Check Contents

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to "900" seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set to "900", this is a finding.

Vulnerability Number

V-89771

Documentable

False

Rule Version

VRAU-SL-000960

Severity Override Guidance

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to "900" seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set to "900", this is a finding.

Check Content Reference

M

Target Key

3459

Comments