Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The openldap-servers package must not be installed unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38627 | RHEL-06-000256 | SV-50428r2_rule | Low |
| Description |
|---|
| Unnecessary packages should not be installed to decrease the attack surface of the system. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2018-11-28 |
Details
| Check Text ( C-46187r1_chk ) |
|---|
| To verify the "openldap-servers" package is not installed, run the following command: $ rpm -q openldap-servers The output should show the following. package openldap-servers is not installed If it does not, this is a finding. |
| Fix Text (F-43577r2_fix) |
|---|
| The "openldap-servers" package should be removed if not in use. # yum erase openldap-servers The openldap-servers RPM is not installed by default on RHEL6 machines. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended for use as an LDAP Server it should be removed. |