← Back to Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide

V-270674

CAT II (Medium)

Ubuntu 24.04 LTS must allow users to directly initiate a session lock for all connection types.

Rule ID

SV-270674r1067167_rule

STIG

Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide

Version

V1R5

CCIs

CCI-000060 CCI-000057

Discussion

A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, Ubuntu 24.04 LTSs need to provide users with the ability to manually invoke a session lock so users may secure their session if they need to temporarily vacate the immediate physical vicinity. Satisfies: SRG-OS-000031-GPOS-00012, SRG-OS-000030-GPOS-00011

Check Content

Verify Ubuntu 24.04 LTS has the "vlock" package installed with the following command: 
 
$ dpkg -l | grep vlock 
ii  vlock     2.2.2-10     amd64     Virtual Console locking program
 
If "vlock" is not installed, this is a finding.

Fix Text

Install the "vlock" package (if it is not already installed) by running the following command: 
 
$ sudo apt install -y vlock