From VMware vRealize Automation 7.x SLES Security Technical Implementation Guide
Part of SRG-OS-000109-GPOS-00056
Associated with: CCI-000770
To assure individual accountability and prevent unauthorized access, organizational users must be individually identified and authenticated.
Verify the SLES for vRealize prevents direct logons to the "root" account by running the following command: # grep root /etc/shadow | cut -d "":"" -f 2 If the returned message contains any text, this is a finding.
Configure the SLES for vRealize to prevent direct logons to the "root" account by performing the following operations: Add this line to the /etc/group file: admin:x:[UNIQUE_NUMBER]:[USERNAME] USERNAME is the user to be added to the admin group. UNIQUE_NUMBER is a number entered into the ID field of an entry that is unique to all other IDs in the file. Comment out the following lines in /etc/sudoers file: Default targetpw ALL ALL=(ALL) ALL Under the line in the /etc/sudoers file: root ALL=(ALL) All Add the following line: %admin ALL=(ALL) ALL Run the following command: # passwd -d root
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer