このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
autofs allows automatic mounting of devices, typically including CD/DVDs and USB
drives.
The autofs package can be removed with the following command:
Rationale
With automounting enabled anyone with physical access could attach a USB drive or
disc and have its contents available in the filesystem even if they lacked permissions to
mount it themselves.
Shell script
The following script can be run on the host to remediate the issue.
#!/bin/bash
# CAUTION: This remediation script will remove autofs
# from the system, and may remove any packages
# that depend on autofs. Execute this
# remediation AFTER testing on a non-production
# system!
DEBIAN_FRONTEND=noninteractive apt-get remove -y "autofs"
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: 'Remove autofs Package: Ensure autofs is removed'
ansible.builtin.package:
name: autofs
state: absent
tags:
- disable_strategy
- low_complexity
- low_disruption
- low_severity
- no_reboot_needed
- package_autofs_removed
