UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

RHEL 9 file system automount function must be disabled unless required.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257849 RHEL-09-231040 SV-257849r958498_rule Medium
Description
An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-06-04

Details

Check Text ( C-61590r925532_chk )
Verify that RHEL 9 file system automount function has been disabled with the following command:

$ sudo systemctl is-enabled autofs

masked

If the returned value is not "masked", "disabled", "Failed to get unit file state for autofs.service for autofs", or "enabled", and is not documented as operational requirement with the information system security officer ISSO, this is a finding.
Fix Text (F-61514r925533_fix)
Configure RHEL 9 to disable the ability to automount devices.

The autofs service can be disabled with the following command:

$ sudo systemctl mask --now autofs.service