STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021: STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:SV-238197r653766_rule
V-238197
SRG-OS-000023-GPOS-00006
UBTU-20-010002
CAT II
10
Edit the "/etc/gdm3/greeter.dconf-defaults" file.
Look for the "banner-message-enable" parameter under the "[org/gnome/login-screen]" section and uncomment it (remove the leading "#" characters):
Note: The lines are all near the bottom of the file but not adjacent to each other.
[org/gnome/login-screen]
banner-message-enable=true
Update the GDM with the new configuration:
$ sudo dconf update
$ sudo systemctl restart gdm3
Verify the Ubuntu operating system is configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.
Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
Check that the operating banner message for the graphical user logon is enabled with the following command:
$ grep ^banner-message-enable /etc/gdm3/greeter.dconf-defaults
banner-message-enable=true
If the line is commented out or set to "false", this is a finding.
V-238197
False
UBTU-20-010002
Verify the Ubuntu operating system is configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.
Note: If the system does not have a graphical user interface installed, this requirement is Not Applicable.
Check that the operating banner message for the graphical user logon is enabled with the following command:
$ grep ^banner-message-enable /etc/gdm3/greeter.dconf-defaults
banner-message-enable=true
If the line is commented out or set to "false", this is a finding.
M
5318