STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-219156r610963_rule
V-219156
SRG-OS-000437-GPOS-00194
UBTU-18-010017
CAT II
10
Configure APT to remove all software components after updated versions have been installed.
Add or updated the following options to the "/etc/apt/apt.conf.d/50unattended-upgrades" file:
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
Verify Advance package Tool (APT) is configured to remove all software components after updated versions have been installed.
Check that APT is configured to remove all software components after updating with the following command:
# grep -i remove-unused /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
If the "::Remove-Unused-Dependencies" and "::Remove-Unused-Kernel-Packages" parameters are not set to "true", or are missing, or are commented out, this is a finding.
V-219156
False
UBTU-18-010017
Verify Advance package Tool (APT) is configured to remove all software components after updated versions have been installed.
Check that APT is configured to remove all software components after updating with the following command:
# grep -i remove-unused /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
If the "::Remove-Unused-Dependencies" and "::Remove-Unused-Kernel-Packages" parameters are not set to "true", or are missing, or are commented out, this is a finding.
M
4055