Back

Configure the "PAM console" setting to organizational standards.


CONTROL ID
04943
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Create custom authselect profile Description: A custom profile can be created by copying and customizing one of the default profiles. The default profiles include: sssd, winbind, or the nis. Rationale: A custom profile is required to customize many of the pam options Remediation Procedure: Run the f… (5.3.1, CIS Oracle Linux 8 Benchmark, Server Level 1, v1.0.1)
  • Select authselect profile Description: You can select a profile for the authselect utility for a specific host. The profile will be applied to every user logging into the host.\n\nYou can create and deploy a custom profile by customizing one of the default profiles, the sssd, winbind, or the nis pro… (5.3.2, CIS Oracle Linux 8 Benchmark, Server Level 1, v1.0.1)
  • Create custom authselect profile Description: A custom profile can be created by copying and customizing one of the default profiles. The default profiles include: sssd, winbind, or the nis. Rationale: A custom profile is required to customize many of the pam options Remediation Procedure: Run the f… (5.3.1, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)
  • Select authselect profile Description: You can select a profile for the authselect utility for a specific host. The profile will be applied to every user logging into the host.\n\nYou can create and deploy a custom profile by customizing one of the default profiles, the sssd, winbind, or the nis pro… (5.3.2, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)
  • PAM console should be enabled or disabled as appropriate Technical Mechanisms: via PAM Parameters: enabled/disabled References: 10.8.10-3 C.5.2 1) (CCE-6486-5, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 4, 5.20130214)