6:11 a.m.
Signed-off-by: David Smith <dsmith(a)eclipse.ncsc.mil>
---
RHEL6/input/auxiliary/alt-titles-stig.xml | 2 +-
RHEL6/input/profiles/common.xml | 2 +-
RHEL6/input/profiles/manual_remediation.xml | 2 +-
RHEL6/input/system/accounts/physical.xml | 28 +++++++++++---------------
4 files changed, 15 insertions(+), 19 deletions(-)
diff --git a/RHEL6/input/auxiliary/alt-titles-stig.xml
b/RHEL6/input/auxiliary/alt-titles-stig.xml
index 915bd1a..d944b48 100644
--- a/RHEL6/input/auxiliary/alt-titles-stig.xml
+++ b/RHEL6/input/auxiliary/alt-titles-stig.xml
@@ -236,7 +236,7 @@ The graphical desktop environment must have automatic lock enabled.
<title rule="set_blank_screensaver" shorttitle="Implement Blank Screen
Saver">
The system must display a publicly-viewable pattern during a graphical desktop
environment session lock.
</title>
-<title rule="install_vlock_package" shorttitle="Install the vlock
Package">
+<title rule="install_screen_package" shorttitle="Install the screen
Package">
The system must allow locking of the console screen.
</title>
<title rule="set_system_login_banner" shorttitle="Modify the System
Login Banner">
diff --git a/RHEL6/input/profiles/common.xml b/RHEL6/input/profiles/common.xml
index 914ca76..3c5a381 100644
--- a/RHEL6/input/profiles/common.xml
+++ b/RHEL6/input/profiles/common.xml
@@ -67,7 +67,7 @@
<select idref="bootloader_password" selected="true"/>
<select idref="require_singleuser_auth" selected="true"/>
<select idref="disable_interactive_boot" selected="true"/>
-<select idref="install_vlock_package" selected="true"/>
+<select idref="install_screen_package" selected="true"/>
<select idref="set_system_login_banner" selected="true"/>
<!-- CURRENTLY NOT IMPLEMENTED <select idref="set_gui_login_banner"
selected="true"/> -->
diff --git a/RHEL6/input/profiles/manual_remediation.xml
b/RHEL6/input/profiles/manual_remediation.xml
index 84a8fe7..ea1218d 100644
--- a/RHEL6/input/profiles/manual_remediation.xml
+++ b/RHEL6/input/profiles/manual_remediation.xml
@@ -4,7 +4,7 @@
<select idref="install_aide" selected="true"/>
<select idref="install_vsftpd" selected="true"/>
<select idref="install_openswan" selected="true"/>
-<select idref="install_vlock_package" selected="true"/>
+<select idref="install_screen_package" selected="true"/>
<select idref="bios_disable_usb_boot" selected="true"/>
<select idref="bootloader_password" selected="true"/>
<select idref="rsyslog_send_messages_to_logserver"
selected="true"/>
diff --git a/RHEL6/input/system/accounts/physical.xml
b/RHEL6/input/system/accounts/physical.xml
index a630c58..05f54e7 100644
--- a/RHEL6/input/system/accounts/physical.xml
+++ b/RHEL6/input/system/accounts/physical.xml
@@ -351,31 +351,27 @@ contents of the display from passersby.
<title>Configure Console Screen Locking</title>
<description>
A console screen locking mechanism is provided in the
-vlock package, which is not installed by default.
+<tt>screen</tt> package, which is not installed by default.
</description>
-<Rule id="install_vlock_package">
-<title>Install the vlock Package</title>
+<Rule id="install_screen_package">
+<title>Install the screen Package</title>
<description>
-To enable console screen locking, install the vlock package:
-<pre># yum install vlock</pre>
-Instruct users to invoke the program when necessary, in order
-to prevent passersby from abusing their login:
-<pre>$ vlock</pre>
-The <tt>-a</tt> option can be used to prevent switching to other
-virtual consoles.
+To enable console screen locking, install the <tt>screen</tt> package:
+<pre># yum install screen</pre>
+Instruct users to begin new terminal sessions with the following command:
+<pre>$ screen</pre>
+The console can now be locked with the following key combination:
+<pre>ctrl+a x</pre>
</description>
-<ocil clause="there is a command not found error">
-To check whether vlock has been installed, run the following command:
-<pre>$ vlock</pre>
-If vlock is available, then the terminal will lock.
+<ocil clause="the package is not installed">
+<package-check-macro package="screen" />
</ocil>
<rationale>
-Installing vlock ensures a console locking capability is available
+Installing <tt>screen</tt> ensures a console locking capability is available
for users who may need to suspend console logins.
</rationale>
<ident cce="3910-7" />
-<oval id="package_vlock_installed" />
<ref nist="CM-6, CM-7" disa="58" />
<tested by="DS" on="20121026"/>
</Rule>
--
1.7.1