STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must initiate a session lock after a 15-minute period of inactivity.

DISA Rule

SV-234813r622137_rule

Vulnerability Number

V-234813

Group Title

SRG-OS-000029-GPOS-00010

Rule Version

SLES-15-010130

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SUSE operating system to initiate a session lock after a 15-minute period of inactivity by modifying or creating (if it does not already exist) the "/etc/profile.d/autologout.sh" file and add the following lines to it:

TMOUT=900
readonly TMOUT
export TMOUT

Set the proper permissions for the "/etc/profile.d/autologout.sh" file with the following command:

> sudo chmod +x /etc/profile.d/autologout.sh

Check Contents

Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types.

Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:

> cat /etc/profile.d/autologout.sh
TMOUT=900
readonly TMOUT
export TMOUT

If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.

Vulnerability Number

V-234813

Documentable

False

Rule Version

SLES-15-010130

Severity Override Guidance

Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types.

Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:

> cat /etc/profile.d/autologout.sh
TMOUT=900
readonly TMOUT
export TMOUT

If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.

Check Content Reference

M

Target Key

5274

Comments