5.3.8 Ensure date and time of last successful logon - showfailed

Information

The operating system must display the date and time of the last successful account logon upon logon.

Rationale:

Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.

Solution

Configure the operating system to provide users with feedback on when account accesses last occurred by setting the required configuration options in /etc/pam.d/postlogin.
Example: vim /etc/pam.d/postlogin
Add the following line to the top of the file:

session required pam_lastlog.so showfailed

Notes:

This Benchmark recommendation maps to:

Red Hat Enterprise Linux 7 Security Technical Implementation Guide:

Version 2, Release: 3 Benchmark Date: 26 Apr 2019



Vul ID: V-72275

Rule ID: SV-86899r4_rule

STIG ID: RHEL-07-040530

Severity: CAT III

See Also

https://workbench.cisecurity.org/files/2688

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-9(1)

Plugin: Unix

Control ID: d6dfa281837afa4b7f213a040c30a74f873f6e4f7cdf06ba9917185068e0f037