If Network Security Services (NSS) is being used by SLEM 5 it must prohibit the use of cached authentications after one day.

An XCCDF Rule

Description

If cached authentication information is out of date, the validity of the authentication information may be questionable.

ID: SV-261399r996617_rule
Version: SLEM-05-631010
Severity: Medium
References: CCI-002007
Updated: 5 days ago

Remediation Templates

Configure NSS, if used by SLEM 5, to prohibit the use of cached authentications after one day.

Add or modify the following line in the "/etc/sssd/sssd.conf" file, below the line "[nss]":

memcache_timeout = 86400