Skip to content

Uninstall DHCP Server Package

An XCCDF Rule

Description

If the system does not need to act as a DHCP server, the dhcp package can be uninstalled. The dhcp-server package can be removed with the following command:

$ sudo dnf erase dhcp-server

Rationale

Removing the DHCP server ensures that it cannot be easily or accidentally reactivated and disrupt network operation.

ID
xccdf_org.ssgproject.content_rule_package_dhcp_removed
Severity
Medium
References
Updated



Remediation - Anaconda Pre-Install Instructions


package --remove=dhcp-server

Remediation - Ansible

- name: Ensure dhcp-server is removed
  package:
    name: dhcp-server
    state: absent
  tags:
  - NIST-800-53-CM-6(a)

Remediation - Puppet

include remove_dhcp-server

class remove_dhcp-server {
  package { 'dhcp-server':
    ensure => 'purged',
  }

Remediation - Shell Script


# CAUTION: This remediation script will remove dhcp-server
#	   from the system, and may remove any packages
#	   that depend on dhcp-server. Execute this
#	   remediation AFTER testing on a non-production
#	   system!