STIGQter STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SUSE operating system must initiate a session lock after a 15-minute period of inactivity.

DISA Rule

SV-217110r603262_rule

Vulnerability Number

V-217110

Group Title

SRG-OS-000029-GPOS-00010

Rule Version

SLES-12-010090

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SUSE operating system to initiate a session lock after a 15-minute period of inactivity by modifying or creating (if it does not already exist) the "/etc/profile.d/autologout.sh" file and add the following lines to it:

TMOUT=900
readonly TMOUT
export TMOUT

Set the proper permissions for the "/etc/profile.d/autologout.sh" file with the following command:

# sudo chmod +x /etc/profile.d/autologout.sh

Check Contents

Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types.

Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:

# cat /etc/profile.d/autologout.sh
TMOUT=900
readonly TMOUT
export TMOUT

If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.

Vulnerability Number

V-217110

Documentable

False

Rule Version

SLES-12-010090

Severity Override Guidance

Verify the SUSE operating system must initiate a session logout after a 15-minute period of inactivity for all connection types.

Check the proper script exists to kill an idle session after a 15-minute period of inactivity with the following command:

# cat /etc/profile.d/autologout.sh
TMOUT=900
readonly TMOUT
export TMOUT

If the file "/etc/profile.d/autologout.sh" does not exist or the output from the function call is not the same, this is a finding.

Check Content Reference

M

Target Key

4033

Comments