Uninstall nfs-kernel-server Package

An XCCDF Rule

Description

The nfs-kernel-server package can be removed with the following command:

$ apt-get remove nfs-kernel-server

Rationale

If the system does not export NFS shares or act as an NFS client, it is recommended that these services be removed to reduce the remote attack surface.

ID: xccdf_org.ssgproject.content_rule_package_nfs-kernel-server_removed
Severity: Low
References: 2.2.6
Updated: about 1 year ago

- name: Ensure nfs-kernel-server is removed
  package:
    name: nfs-kernel-server
    state: absent
  tags:
  - disable_strategy  - low_complexity
  - low_disruption
  - low_severity
  - no_reboot_needed
  - package_nfs-kernel-server_removed

include remove_nfs-kernel-server

class remove_nfs-kernel-server {
  package { 'nfs-kernel-server':
    ensure => 'purged',
  }}


# CAUTION: This remediation script will remove nfs-kernel-server
#	   from the system, and may remove any packages
#	   that depend on nfs-kernel-server. Execute this
#	   remediation AFTER testing on a non-production
#	   system!
DEBIAN_FRONTEND=noninteractive apt-get remove -y "nfs-kernel-server"

Uninstall nfs-kernel-server Package

Description

Rationale

Remediation - Ansible

Remediation - Puppet

Remediation - Shell Script