Install the screen Package
An XCCDF Rule
Description
To enable console screen locking, install the screen package.
The screen package can be installed with the following command:
$ sudo yum install screenInstruct users to begin new terminal sessions with the following command:
$ screenThe console can now be locked with the following key combination:
ctrl+a x
Rationale
A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate
physical vicinity of the information system but does not logout because of the temporary nature of the absence.
Rather than relying on the user to manually lock their operation system session prior to vacating the vicinity,
operating systems need to be able to identify when a user's session has idled and take action to initiate the
session lock.
The screen package allows for a session lock to be implemented and configured.
- ID
- xccdf_org.ssgproject.content_rule_package_screen_installed
- Severity
- Medium
- References
- Updated
Remediation - Puppet
include install_screen
class install_screen {
package { 'screen':
ensure => 'installed',
}
Remediation - Ansible
- name: Gather the package facts
package_facts:
manager: auto
tags:
- DISA-STIG-OL07-00-010090
- NIST-800-171-3.1.10
Remediation - OS Build Blueprint
[[packages]]
name = "screen"
version = "*"
Remediation - Anaconda Pre-Install Instructions
package --add=screen
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if rpm --quiet -q kernel; then
if ! rpm -q --quiet "screen" ; then
yum install -y "screen"
fi