ALMA-09-006180 - AlmaLinux OS 9 must require authentication to access emergency mode.

Information

This requirement prevents attackers with physical access from easily bypassing security on the machine and gaining root access.

Such accesses are further prevented by configuring the bootloader password.

Solution

Configure AlmaLinux OS 9 to require authentication for emergency mode.

Add or modify the following line in the "/usr/lib/systemd/system/emergency.service" file:

ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

"sudo systemctl edit emergency.service" can also be used to create a "/etc/systemd/system/emergency.service.d/override.conf" file.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CL_AlmaLinux_OS_9_V1R1_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3, CAT|II, CCI|CCI-000213, Rule-ID|SV-269136r1050018_rule, STIG-ID|ALMA-09-006180, Vuln-ID|V-269136

Plugin: Unix

Control ID: 264fbab21d3fd8469f0d471b7be108a9419995059f6a0c7d7b397bf75b00c7b1