RHEL 10 must disable the ability of systemd to spawn an interactive boot process.

STIG ID: RHEL-10-700980  |  SRG: SRG-OS-000095-GPOS-00049 |  Severity: medium (CAT II)  |  CCI: CCI-000381 |  Vulnerability Id: V-281300

Vulnerability Discussion

Using interactive or recovery boot, the console user could disable auditing, firewalls, or other services, weakening system security.

Check

Verify RHEL 10 is configured so that the current GRUB 2 configuration disables the ability of systemd to spawn an interactive boot process with the following command:

$ sudo grubby --info=ALL | grep args | grep 'systemd.confirm_spawn'

If any output is returned, this is a finding.

Fix

Configure RHEL 10 so that the current GRUB 2 configuration disables the ability of systemd to spawn an interactive boot process with the following command:

$ sudo grubby --update-kernel=ALL --remove-args="systemd.confirm_spawn"
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.