The OL 8 file system automounter must be disabled.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-248836 | SRG-OS-000114-GPOS-00059 | OL08-00-040070 | SV-248836r1156663_rule | 2026-02-13 | 2 |
Description
Verify the operating system disables the ability to automount devices.
Determine if automounter service is active with the following command:
$ sudo systemctl status autofs
autofs.service - Automounts filesystems on demand
Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)
Active: inactive (dead)
If the "autofs" status is set to "active" and is not documented with the information system security officer (ISSO) as an operational requirement, this is a finding.
ℹ️ Check
Verify OL 8 disables the ability to automount devices.
Determine if the automounter service is active with the following command:
$ sudo systemctl status autofs
autofs.service - Automounts filesystems on demand
Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)
Active: inactive (dead)
If the "autofs" status is set to "active" this is a finding.
✔️ Fix
Configure OL 8 to disable the ability to automount devices.
Turn off the automount service with the following commands:
$ sudo systemctl stop autofs
$ sudo systemctl disable autofs