Detections
Analytics
RHEL-10-700980 - RHEL 10 must disable the ability of systemd to spawn an interactive boot process.
Information
Using interactive or recovery boot, the console user could disable auditing, firewalls, or other services, weakening system security.Solution
Configure RHEL 10 so that the current GRUB 2 configuration disables the ability of systemd to spawn an interactive boot process with the following command:$ sudo grubby --update-kernel=ALL --remove-args="systemd.confirm_spawn"
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-7a., CAT|II, CCI|CCI-000381, Rule-ID|SV-281300r1167050_rule, STIG-ID|RHEL-10-700980, Vuln-ID|V-281300
Plugin: Unix
Control ID: 6d9cb7e37cc10571899f760bd6470579b446b0d7a56fc44888c5aecbd369a960