RHEL 9 file system automount function must be disabled unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-257849 | RHEL-09-231040 | SV-257849r1044928_rule | CCI-000778 | medium |
| Description | ||||
| An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227 | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2025-05-14 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
IA-3
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.5.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000778
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-257849r1044928_chk)
Note: If the autofs service is not installed, this requirement is Not Applicable.
Verify that the RHEL 9 file system automount function has been disabled with the following command:
$ systemctl is-enabled autofs
masked
If the returned value is not "masked", "disabled", or "Failed to get unit file state for autofs.service for autofs" and is not documented as an operational requirement with the information system security officer (ISSO), this is a finding.
Fix Text (F-61514r925533_fix)
Configure RHEL 9 to disable the ability to automount devices.
The autofs service can be disabled with the following command:
$ sudo systemctl mask --now autofs.service