RHEL 9 must have the sudo package installed.

STIG ID: RHEL-09-432010  |  SRG: SRG-OS-000324-GPOS-00125 |  Severity: medium |  CCI: CCI-002235 |  Vulnerability Id: V-258083 | 

Vulnerability Discussion

"sudo" is a program designed to allow a system administrator to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow system users to get their work done.

Check

Verify that RHEL 9 sudo package is installed with the following command:

$ sudo dnf list --installed sudo

Example output:

sudo.x86_64 1.9.5p2-7.el9

If the "sudo" package is not installed, this is a finding.

Fix

The sudo package can be installed with the following command:

$ sudo dnf install sudo