UCF STIG Viewer Logo

The system must allow locking of graphical desktop sessions.


Finding ID Version Rule ID IA Controls Severity
V-38474 RHEL-06-000508 SV-50274r2_rule Low
The ability to lock graphical desktop sessions manually allows users to easily secure their accounts should they need to depart from their workstations temporarily.
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2015-05-26


Check Text ( C-46030r2_chk )
If the GConf2 package is not installed, this is not applicable.

Verify the keybindings for the Gnome screensaver:

# gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --get /apps/gnome_settings_daemon/keybindings/screensaver

If no output is visible, this is a finding.
Fix Text (F-43420r1_fix)
Run the following command to set the Gnome desktop keybinding for locking the screen:

# gconftool-2
--direct \
--config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory \
--type string \
--set /apps/gnome_settings_daemon/keybindings/screensaver "l"

Another keyboard sequence may be substituted for "l", which is the default for the Gnome desktop.