An error occurred:

Check: SLES-15-010050

SUSE Linux Enterprise Server 15 STIG: SLES-15-010050 (in versions v1 r13 through v1 r1)

Title

The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI). (Cat II impact)

Discussion

The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI). Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000024-GPOS-00007

Check Content

Verify the SUSE operating system displays the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on via the local GUI. Note: If a graphical user interface is not installed, this requirement is Not Applicable. Check the configuration by running the following command: > more /etc/gdm/Xsession The beginning of the file must contain the following text immediately after (#!/bin/sh): if ! zenity --text-info \ --title "Consent" \ --filename=/etc/gdm/banner \ --no-markup \ --checkbox="Accept." 10 10; then sleep 1; exit 1; fi If the beginning of the file does not contain the above text immediately after the line (#!/bin/sh), this is a finding.

Fix Text

Configure the SUSE operating system to display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access. Note: If a graphical user interface is not installed, this requirement is Not Applicable. Edit the file "/etc/gdm/Xsession". Add the following content to the file "/etc/gdm/Xsession" below the line #!/bin/sh: if ! zenity --text-info \ --title "Consent" \ --filename=/etc/gdm/banner \ --no-markup \ --checkbox="Accept." 10 10; then sleep 1; exit 1; fi Save the file "/etc/gdm/Xsession".

Additional Identifiers

Rule ID: SV-234806r622137_rule

Vulnerability ID: V-234806

Group Title: SRG-OS-000023-GPOS-00006

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000048

The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
CCI-000050

The information system retains the notification message or banner on the screen until users acknowledge the usage conditions and take explicit actions to log on to or further access the information system.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-8

System Use Notification