CCE-90704-8Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable Quota Netlink (quota_nld)
The 'quota_nld' service provides notifications to
users of disk space quota violations. It listens to the kernel via a netlink
socket for disk quota violations and notifies the appropriate user of the
violation using D-Bus or by sending a message to the terminal that the user has
last accessed.
The 'quota_nld' service can be disabled with the following command:
'$ sudo systemctl disable quota_nld'
Parameter:
Technical Mechanism:
If disk quotas are enforced on the local system, then the
'quota_nld' service likely provides useful functionality and should
remain enabled. However, if disk quotas are not used or user notification of
disk quota violation is not desired then there is no need to run this
service.
Fix:
#
# Disable quota_nld.service for all systemd targets
#
systemctl disable quota_nld.service
#
# Stop quota_nld.service if currently running
#
systemctl stop quota_nld.service
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31118 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30395 |