SLEM 5 must not allow unattended or automatic logon via the graphical user interface (GUI).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-261345	SLEM-05-272010	SV-261345r996493_rule	CCI-000366	high
Description
Failure to restrict system access to authenticated users negatively impacts SLEM 5 security.
STIG			Date
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide			2025-05-08

Related Frameworks

4 paths across 3 frameworks

NIST 800-531 mapping

CM-6

1.00

DISA · 1 · disa_xccdf · related
DISA · 2025-01-23 · disa_cci_list · equivalent

NIST 800-1712 mappings

3.4.1

1.00

DISA · 1 · disa_xccdf · related
DISA · 2025-01-23 · disa_cci_list · equivalent
NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent

3.4.2

1.00

DISA · 1 · disa_xccdf · related
DISA · 2025-01-23 · disa_cci_list · equivalent
NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent

CCI1 mapping

CCI-000366

1.00

DISA · 1 · disa_xccdf · related

Details

Check Text (C-261345r996493_chk)

Note: If a graphical user interface is not installed, this requirement is not applicable. Verify SLEM 5 does not allow unattended or automatic logon via the GUI. Check that unattended or automatic login is disabled with the following commands: > grep -i ^DISPLAYMANAGER_AUTOLOGIN /etc/sysconfig/displaymanager DISPLAYMANAGER_AUTOLOGIN="" > grep -i ^DISPLAYMANAGER_PASSWORD_LESS_LOGIN /etc/sysconfig/displaymanager DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no" If the "DISPLAYMANAGER_AUTOLOGIN" parameter includes a username or the "DISPLAYMANAGER_PASSWORD_LESS_LOGIN" is not set to "no", this is a finding.

Fix Text (F-64982r996492_fix)

Note: If a graphical user interface is not installed, this requirement is not applicable. Configure SLEM 5 GUI to not allow unattended or automatic logon to the system. Add or modify the following lines in the "/etc/sysconfig/displaymanager" file: DISPLAYMANAGER_AUTOLOGIN="" DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"