ansible-lockdown / RHEL7-STIG

Describe the Issue
RHEL-07-010110 task is setting the org/gnome/desktop/screensaver lock-delay value to uint32 900, but per the STIG text (validated with v3r5 and the new v3r6), this should be uint32 5.

(The task for idle-delay, RHEL-07-010070, is correct at 900)

Expected Behavior
Task RHEL-07-010110 in fix-cat2.yaml should set the dconf value for [org/gnome/desktop/screensaver] lock-delay to uint32 5.

Actual Behavior
Value is being set to uint32 900.

Control(s) Affected
RHEL-07-010110

Possible Solution
Update:

RHEL7-STIG/tasks/fix-cat2.yml

Lines 195 to 197 in 1909132

    
                 content: | 
        
                     [org/gnome/desktop/screensaver] 
        
                     lock-delay=uint32 900

to:

      content: |
          [org/gnome/desktop/screensaver]
          lock-delay=uint32 5

hi @danbarr

Thanks as always for your feedback. I have added the update to the AAP branch which will look to merge before we release the new STIG (which is going through testing and audit alignment).

Regards

uk-bolly

	content: \|
	[org/gnome/desktop/screensaver]
	lock-delay=uint32 900

RHEL-07-010110 setting incorrect lock-delay value