Skip to content

Disable RPC ID Mapping Service (rpcidmapd)

An XCCDF Rule

Description

The rpcidmapd service is used to map user names and groups to UID and GID numbers on NFSv4 mounts. If NFS is not in use on the local system then this service should be disabled. The rpcidmapd service can be disabled with the following command:

$ sudo systemctl mask --now rpcidmapd.service

ID
xccdf_org.ssgproject.content_rule_service_rpcidmapd_disabled
Severity
Unknown
Updated



Remediation - Kubernetes Patch

apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
  config:
    ignition:
      version: 3.1.0

Remediation - OS Build Blueprint


[customizations.services]
disabled = ["rpcidmapd"]

Remediation - Shell Script

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then

SYSTEMCTL_EXEC='/usr/bin/systemctl'
"$SYSTEMCTL_EXEC" stop 'rpcidmapd.service'
"$SYSTEMCTL_EXEC" disable 'rpcidmapd.service'

Remediation - Puppet

include disable_rpcidmapd

class disable_rpcidmapd {
  service {'rpcidmapd':
    enable => false,
    ensure => 'stopped',

Remediation - Ansible

- name: Block Disable service rpcidmapd
  block:

  - name: Disable service rpcidmapd
    block: