STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must terminate all sessions and network connections related to nonlocal maintenance when nonlocal maintenance is completed.

DISA Rule

SV-100363r1_rule

Vulnerability Number

V-89713

Group Title

SRG-OS-000126-GPOS-00066

Rule Version

VRAU-SL-000765

Severity

CAT II

CCI(s)

• CCI-000879 - The organization terminates sessions and network connections when nonlocal maintenance is completed.

Weight

10

Fix Recommendation

Ensure the file exists and is owned by "root". If the files does not exist, use the following commands to create the file:

# touch /etc/profile.d/tmout.sh
# chown root:root /etc/profile.d/tmout.sh
# chmod 644 /etc/profile.d/tmout.sh

Edit the file /etc/profile.d/tmout.sh, and add the following lines:

TMOUT=900
readonly TMOUT
export TMOUT
mesg n 2>/dev/null

Check Contents

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to "900" seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set to "900", this is a finding.

Vulnerability Number

V-89713

Documentable

False

Rule Version

VRAU-SL-000765

Severity Override Guidance

Check for the existence of the /etc/profile.d/tmout.sh file:

# ls -al /etc/profile.d/tmout.sh

Check for the presence of the "TMOUT" variable:

# grep TMOUT /etc/profile.d/tmout.sh

The value of "TMOUT" should be set to "900" seconds (15 minutes).

If the file does not exist, or the "TMOUT" variable is not set to "900", this is a finding.

Check Content Reference

M

Target Key

3459

Comments