The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon logon.

An XCCDF Rule

Description

Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.

ID: SV-204605r858478_rule
Version: RHEL-07-040530
Severity: Low
References: CCI-000052
Updated: 15 days ago

Remediation Templates

Configure the operating system to provide users with feedback on when account accesses last occurred by setting the required configuration options in "/etc/pam.d/postlogin". 

Add the following line to the top of "/etc/pam.d/postlogin":

session required pam_lastlog.so showfailed