Details

The automount daemon is normally used to automatically mount NFS file systems from

remote file servers when needed. However, the automount daemon can also be configured

to mount local (loopback) file systems as well, which may include local user home

directories, depending on the system configuration.

Rationale:

This service should be disabled if it is not required.

Solution

To disable this service, run the following command:

# svcadm disable svc:/system/filesystem/autofs

Notes:

By default, the Solaris 11 OS uses the automount service for local user home directories, so
it should not be disabled without adjusting the home directory setting of each local user.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2582

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

• 800-53|SI-4
• CSCv6|9.1
• CSCv7|9.2

Source

• Tenable.com/audits