Disable RPC ID Mapping Service (rpcidmapd)
An XCCDF Rule
Description
The rpcidmapd service is used to map user names and groups to UID
and GID numbers on NFSv4 mounts. If NFS is not in use on the local system then
this service should be disabled.
The rpcidmapd
service can be disabled with the following command:
$ sudo systemctl mask --now rpcidmapd.service
- ID
- xccdf_org.ssgproject.content_rule_service_rpcidmapd_disabled
- Severity
- Unknown
- Updated
Remediation - Kubernetes Patch
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
config:
ignition:
version: 3.1.0
Remediation - OS Build Blueprint
[customizations.services]
disabled = ["rpcidmapd"]
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
SYSTEMCTL_EXEC='/usr/bin/systemctl'
"$SYSTEMCTL_EXEC" stop 'rpcidmapd.service'
"$SYSTEMCTL_EXEC" disable 'rpcidmapd.service'
Remediation - Puppet
include disable_rpcidmapd
class disable_rpcidmapd {
service {'rpcidmapd':
enable => false,
ensure => 'stopped',
Remediation - Ansible
- name: Block Disable service rpcidmapd
block:
- name: Disable service rpcidmapd
block: