An XCCDF Group - A logical subset of the XCCDF Benchmark
debug-shell
systemctl
tty9
CTRL-ALT-F9
$ sudo systemctl mask --now debug-shell.service
SystemD
Ctrl-Alt-Del
CtrlAltDelBurstAction
/etc/systemd/system.conf
CtrlAltDelBurstAction=none
ln -sf /dev/null /etc/systemd/system/ctrl-alt-del.target
systemctl mask ctrl-alt-del.target
/usr/lib/systemd/system/ctrl-alt-del.service
1
yes
true
on
systemd.confirm_spawn
/etc/default/grub
systemd.confirm_spawn=(1|yes|true|on)
GRUB_DISABLE_RECOVERY=true
/sbin/grubby --update-kernel=ALL --remove-args="systemd.confirm_spawn"
grub2-mkconfig -o /boot/grub2/grub.cfg
/usr/lib/systemd/system/emergency.service
/usr/lib/systemd/system/rescue.service
tmux
$ tmux
ctrl+b :lock-session
/etc/bashrc
/etc/profile.d/
lock-after-time
/etc/tmux.conf
vlock
set -g lock-command vlock
session-lock
bind X lock-session
Ctrl+b Shift+x
/etc/shells
kbd
$ sudo yum install kbd
cac
default
other
opensc
$ sudo yum install opensc
pcsc-lite
$ sudo yum install pcsc-lite
openssl-pkcs11
$ sudo yum install openssl-pkcs11
pcscd
$ sudo systemctl enable pcscd.service
/etc/opensc.conf
app default
app default { ... card_drivers = ; }
# force_card_driver = customcos;
force_card_driver = ;
cert_policy
/etc/pam_pkcs11/pam_pkcs11.conf
ocsp_on
cert_policy = ca, ocsp_on, signature;
logind
/etc/systemd/logind.conf
[Login]
StopIdleSessionSec=