SCAP rule "network_nmcli_permissions" fails remediation when "polkit-pkla-compat" is absent on RHEL 9

Solution Verified - Updated -

Issue

  • When attempting to remediate the SCAP rule xccdf_org.ssgproject.content_rule_network_nmcli_permissions on RHEL 9 using oscap with theSTIG profile, the remediation fails if the package polkit-pkla-compat is not installed. This results in the rule not applying the necessary restrictions, allowing non-privileged users to still modify network interfaces using the nmcli command.

Environment

  • Red Hat Enterprise Linux 9
  • scap-security-guide-0.1.76-1.el9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content