-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.7.0
-
None
-
Moderate
-
sst_security_compliance
-
ssg_security
-
26
-
None
-
False
-
-
No
-
None
-
-
Pass
-
None
-
Release Note Not Required
-
-
x86_64
-
None
Description of problem:
As part of CIS hardening, we have applied tmout configuration on the profile level .
wheil user login we are getting below error message for KSH shell only.
Can you please check on this.
root@lezqdndbv273.staples.com>su - balna001
Last login: Tue Feb 7 17:46:23 EST 2023 on pts/0
/etc/profile[70]: .: line 484: declare: not found
- Session Timeout Enabled on xterm
balna001@lezqdndbv273:balna001>
balna001@lezqdndbv273:balna001> cat /etc/profile.d/tmout.sh
Version-Release number of selected component (if applicable):
Linux lezqdndbv273.staples.com 4.18.0-425.10.1.el8_7.x86_64 #1 SMP Wed Dec 14 16:00:01 EST 2022 x86_64 x86_64 x86_64 GNU/Linux
How reproducible:
Always
Steps to Reproduce:
1. Run scap security scan using ssg-rhel8-xccdf.xml
2. TMOUT is defined either in one place or two, doesnt seem to matter with ksh. KCS mentions BASH.
https://access.redhat.com/solutions/53885
Actual results:
it's giving the message "/etc/profile[68]: .: line 273: declare: not found" even though TMOUT value defined in one place or two places.
KSH shell is not liking "Declare" option and OpenScape CIS level Benchmark is insisting that tmout value.
Expected results:
No error
Additional info:
CCE-80673-7( Set Interactive Session Timeout )
CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server.
- oscap info ssg-rhel8-xccdf.xml
Document type: XCCDF Checklist
Checklist version: 1.1
Imported: 2022-08-17T05:59:19
Status: draft
Generated: 2022-08-17
- external trackers
- links to
-
RHBA-2024:128049
scap-security-guide bug fix and enhancement update
- mentioned on
