RHEL 9 file system automount function must be disabled unless required.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-257849	SRG-OS-000114-GPOS-00059	RHEL-09-231040	SV-257849r1044928_rule	2025-02-27	2

Description
An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227

ℹ️ Check
Note: If the autofs service is not installed, this requirement is Not Applicable. Verify that the RHEL 9 file system automount function has been disabled with the following command: $ systemctl is-enabled autofs masked If the returned value is not "masked", "disabled", or "Failed to get unit file state for autofs.service for autofs" and is not documented as an operational requirement with the information system security officer (ISSO), this is a finding.

ℹ️ Check

Note: If the autofs service is not installed, this requirement is Not Applicable. Verify that the RHEL 9 file system automount function has been disabled with the following command: $ systemctl is-enabled autofs masked If the returned value is not "masked", "disabled", or "Failed to get unit file state for autofs.service for autofs" and is not documented as an operational requirement with the information system security officer (ISSO), this is a finding.

✔️ Fix
Configure RHEL 9 to disable the ability to automount devices. The autofs service can be disabled with the following command: $ sudo systemctl mask --now autofs.service