Description
The xinetd package can be removed with the following command:
Rationale
Removing the xinetd package decreases the risk of the
xinetd service’s accidental (or intentional) activation.
Shell script
The following script can be run on the host to remediate the issue.
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
# CAUTION: This remediation script will remove xinetd
# from the system, and may remove any packages
# that depend on xinetd. Execute this
# remediation AFTER testing on a non-production
# system!
DEBIAN\_FRONTEND=noninteractive apt-get remove -y "xinetd"
else
>&2 echo 'Remediation is not applicable, nothing was done'
fi
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: Ensure xinetd is removed
package:
name: xinetd
state: absent
when: ansible\_virtualization\_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- NIST-800-53-CM-6(a)
- NIST-800-53-CM-7(a)
- NIST-800-53-CM-7(b)
- PCI-DSSv4-2.2.4
- disable\_strategy
- low\_complexity
- low\_disruption
- low\_severity
- no\_reboot\_needed
- package\_xinetd\_removed
