Signed-off-by: David Smith <[email protected]>
---
 RHEL6/input/auxiliary/alt-titles-stig.xml   |    2 +-
 RHEL6/input/profiles/common.xml             |    2 +-
 RHEL6/input/profiles/manual_remediation.xml |    2 +-
 RHEL6/input/system/accounts/physical.xml    |   28 +++++++++++---------------
 4 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/RHEL6/input/auxiliary/alt-titles-stig.xml 
b/RHEL6/input/auxiliary/alt-titles-stig.xml
index 915bd1a..d944b48 100644
--- a/RHEL6/input/auxiliary/alt-titles-stig.xml
+++ b/RHEL6/input/auxiliary/alt-titles-stig.xml
@@ -236,7 +236,7 @@ The graphical desktop environment must have automatic lock 
enabled.
 <title rule="set_blank_screensaver" shorttitle="Implement Blank Screen Saver">
 The system must display a publicly-viewable pattern during a graphical desktop 
environment session lock.
 </title>
-<title rule="install_vlock_package" shorttitle="Install the vlock Package">
+<title rule="install_screen_package" shorttitle="Install the screen Package">
 The system must allow locking of the console screen.
 </title>
 <title rule="set_system_login_banner" shorttitle="Modify the System Login 
Banner">
diff --git a/RHEL6/input/profiles/common.xml b/RHEL6/input/profiles/common.xml
index 914ca76..3c5a381 100644
--- a/RHEL6/input/profiles/common.xml
+++ b/RHEL6/input/profiles/common.xml
@@ -67,7 +67,7 @@
 <select idref="bootloader_password" selected="true"/>
 <select idref="require_singleuser_auth" selected="true"/>
 <select idref="disable_interactive_boot" selected="true"/>
-<select idref="install_vlock_package" selected="true"/>
+<select idref="install_screen_package" selected="true"/>
 <select idref="set_system_login_banner" selected="true"/>
 <!-- CURRENTLY NOT IMPLEMENTED <select idref="set_gui_login_banner" 
selected="true"/> -->
 
diff --git a/RHEL6/input/profiles/manual_remediation.xml 
b/RHEL6/input/profiles/manual_remediation.xml
index 84a8fe7..ea1218d 100644
--- a/RHEL6/input/profiles/manual_remediation.xml
+++ b/RHEL6/input/profiles/manual_remediation.xml
@@ -4,7 +4,7 @@
 <select idref="install_aide" selected="true"/>
 <select idref="install_vsftpd" selected="true"/>
 <select idref="install_openswan" selected="true"/>
-<select idref="install_vlock_package" selected="true"/>
+<select idref="install_screen_package" selected="true"/>
 <select idref="bios_disable_usb_boot" selected="true"/>
 <select idref="bootloader_password" selected="true"/>
 <select idref="rsyslog_send_messages_to_logserver" selected="true"/>
diff --git a/RHEL6/input/system/accounts/physical.xml 
b/RHEL6/input/system/accounts/physical.xml
index a630c58..05f54e7 100644
--- a/RHEL6/input/system/accounts/physical.xml
+++ b/RHEL6/input/system/accounts/physical.xml
@@ -351,31 +351,27 @@ contents of the display from passersby.
 <title>Configure Console Screen Locking</title>
 <description>
 A console screen locking mechanism is provided in the
-vlock package, which is not installed by default.
+<tt>screen</tt> package, which is not installed by default.
 </description>
 
-<Rule id="install_vlock_package">
-<title>Install the vlock Package</title>
+<Rule id="install_screen_package">
+<title>Install the screen Package</title>
 <description>
-To enable console screen locking, install the vlock package:
-<pre># yum install vlock</pre>
-Instruct users to invoke the program when necessary, in order
-to prevent passersby from abusing their login:
-<pre>$ vlock</pre>
-The <tt>-a</tt> option can be used to prevent switching to other
-virtual consoles.
+To enable console screen locking, install the <tt>screen</tt> package:
+<pre># yum install screen</pre>
+Instruct users to begin new terminal sessions with the following command:
+<pre>$ screen</pre>
+The console can now be locked with the following key combination:
+<pre>ctrl+a x</pre>
 </description>
-<ocil clause="there is a command not found error">
-To check whether vlock has been installed, run the following command:
-<pre>$ vlock</pre>
-If vlock is available, then the terminal will lock.
+<ocil clause="the package is not installed">
+<package-check-macro package="screen" />
 </ocil>
 <rationale>
-Installing vlock ensures a console locking capability is available
+Installing <tt>screen</tt> ensures a console locking capability is available
 for users who may need to suspend console logins.
 </rationale>
 <ident cce="3910-7" />
-<oval id="package_vlock_installed" />
 <ref nist="CM-6, CM-7" disa="58" />
 <tested by="DS" on="20121026"/>
 </Rule>
-- 
1.7.1

_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide

Reply via email to