RHEL 10 must have the "sudo" package installed.

STIG ID: RHEL-10-200590  |  SRG: SRG-OS-000324-GPOS-00125 |  Severity: medium (CAT II)  |  CCI: CCI-002235 |  Vulnerability Id: V-280968

Vulnerability Discussion

The "sudo" package is a program designed to allow a system administrator to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow system users to complete their work.

Check

Verify RHEL 10 has the "sudo" package installed with the following command:

$ sudo dnf list --installed sudo
Installed Packages
sudo.x86_64 1.9.15-8.p5.el10_0.2 @rhel-10-for-x86_64-baseos-rpms

If the "sudo" package is not installed, this is a finding.

Fix

Configure RHEL 10 to have the "sudo" package installed with the following command:

$ sudo dnf -y install sudo
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.