An XCCDF Group - A logical subset of the XCCDF Benchmark
gdm
graphical.target
$ sudo yum remove gdm
dconf update
/etc/dconf/db/distro.d
/etc/dconf/db/local.d
/etc/dconf/profile/user
user-db:user system-db:local system-db:site system-db:distro
dconf(1)
disable-restart-buttons
true
/etc/dconf/db/distro.d/00-security-settings
[org/gnome/login-screen] disable-restart-buttons=true
/etc/dconf/db/distro.d/locks/00-security-settings-lock
/org/gnome/login-screen/disable-restart-buttons
disable-user-list
[org/gnome/login-screen] disable-user-list=true
/org/gnome/login-screen/disable-user-list
enable-smartcard-authentication
[org/gnome/login-screen] enable-smartcard-authentication=true
/org/gnome/login-screen/enable-smartcard-authentication
removal-action
'lock-screen'
/etc/dconf/db/local.d/00-security-settings
[org/gnome/settings-daemon/peripherals/smartcard] removal-action='lock-screen'
/etc/dconf/db/local.d/locks/00-security-settings-lock
/org/gnome/settings-daemon/peripherals/smartcard/removal-action
allowed-failures
3
[org/gnome/login-screen] allowed-failures=3
/org/gnome/login-screen/allowed-failures
AutomaticLoginEnable
false
[daemon]
/etc/gdm/custom.conf
[daemon] AutomaticLoginEnable=false
Enable
[xdmcp]
[xdmcp] Enable=false
automount
[org/gnome/desktop/media-handling] automount=false
/org/gnome/desktop/media-handling/automount
automount-open
[org/gnome/desktop/media-handling] automount-open=false
/org/gnome/desktop/media-handling/automount-open
autorun-never
[org/gnome/desktop/media-handling] autorun-never=true
/org/gnome/desktop/media-handling/autorun-never
disable-all
[org/gnome/desktop/thumbnailers] disable-all=true
/org/gnome/desktop/thumbnailers/disable-all
GNOME
NetworkManager
disable-wifi-create
[org/gnome/nm-applet] disable-wifi-create=true
/org/gnome/nm-applet/disable-wifi-create
suppress-wireless-networks-available
[org/gnome/nm-applet] suppress-wireless-networks-available=true
/org/gnome/nm-applet/suppress-wireless-networks-available
Vino
authentication-methods
['vnc']
[org/gnome/Vino] authentication-methods=['vnc']
/org/gnome/Vino/authentication-methods
require-encryption
[org/gnome/Vino] require-encryption=true
/org/gnome/Vino/require-encryption
idle-activation-enabled
[org/gnome/desktop/screensaver] idle-activation-enabled=true
/org/gnome/desktop/screensaver/idle-activation-enabled
idle-delay
/etc/dconf/db/local.d/locks
[org/gnome/desktop/session] idle-delay=uint32 900
lock-delay
uint32
[org/gnome/desktop/screensaver] lock-delay=uint32
lock-enabled
[org/gnome/desktop/screensaver] lock-enabled=true
/org/gnome/desktop/screensaver/lock-enabled
/etc/dconf/db/local.d/locks/00-security-settings
picture-uri
string ''
[org/gnome/desktop/screensaver] picture-uri=string ''
/org/gnome/desktop/screensaver/picture-uri
show-full-name-in-top-bar
[org/gnome/desktop/screensaver] show-full-name-in-top-bar=false
/org/gnome/desktop/screensaver/show-full-name-in-top-bar
/org/gnome/desktop/screensaver/lock-delay
/org/gnome/desktop/session/idle-delay
Ctrl-Alt-Del
logout
''
[org/gnome/settings-daemon/plugins/media-keys] logout=''
/org/gnome/settings-daemon/plugins/media-keys/logout
enabled
[org/gnome/system/location] enabled=false
geolocation
[org/gnome/clocks] geolocation=false
/org/gnome/system/location/enabled /org/gnome/clocks/geolocation
active
[org/gnome/settings-daemon/plugins/power] active=false
/org/gnome/settings-daemon/plugins/power
user-administration-disabled
[org/gnome/desktop/lockdown] user-administration-disabled=true
/org/gnome/desktop/lockdown/user-administration-disabled