UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The openldap-servers package must not be installed unless required.


Overview

Finding ID Version Rule ID IA Controls Severity
V-50821 OL6-00-000256 SV-65027r1_rule Low
Description
Unnecessary packages should not be installed to decrease the attack surface of the system.
STIG Date
Oracle Linux 6 Security Technical Implementation Guide 2015-06-09

Details

Check Text ( C-53293r1_chk )
To verify the "openldap-servers" package is not installed, run the following command:

$ rpm -q openldap-servers

The output should show the following.

package openldap-servers is not installed

If it does not, this is a finding.
Fix Text (F-55615r1_fix)
The "openldap-servers" package should be removed if not in use. Is this machine the OpenLDAP server? If not, remove the package.

# yum erase openldap-servers

The openldap-servers RPM may be installed. It is needed only by the OpenLDAP server, not by clients which use LDAP for authentication. If the system is not intended for use as an LDAP server, it should be removed.