Rules Related To 'tmux'

Component overview

Relevant packages:

Relevant groups:

None

Changelog:

No changes recorded.

Relevant rules:

Rule details

Support session locking with tmux

configure_bashrc_exec_tmux

Description

The tmux terminal multiplexer is used to implement automatic session locking. It should be started from /etc/bashrc or drop-in files within /etc/profile.d/.

Rationale

Unlike bash itself, the tmux terminal multiplexer provides a mechanism to lock sessions after period of inactivity. A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.

Support session locking with tmux (not enforcing)

configure_bashrc_tmux

Description

The tmux terminal multiplexer is used to implement automatic session locking. It should be started from /etc/bashrc or drop-in files within /etc/profile.d/.

Rationale

Unlike bash itself, the tmux terminal multiplexer provides a mechanism to lock sessions after period of inactivity. A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.

Install the tmux Package

package_tmux_installed

Description

To enable console screen locking, install the tmux package. The tmux package can be installed with the following command:

$ sudo dnf install tmux
A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, Amazon Linux 2023 needs to provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity. Instruct users to begin new terminal sessions with the following command:
$ tmux
The console can now be locked with the following key combination:
ctrl+b :lock-session

Rationale

A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operation system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.

The tmux package allows for a session lock to be implemented and configured.

Configure the tmux Lock Command

configure_tmux_lock_command

Description

To enable console screen locking in tmux terminal multiplexer, the vlock command must be configured to be used as a locking mechanism. Add the following line to /etc/tmux.conf:

set -g lock-command vlock
. The console can now be locked with the following key combination:
ctrl+b :lock-session

Rationale

The tmux package allows for a session lock to be implemented and configured. However, the session lock is implemented by an external command. The tmux default configuration does not contain an effective session lock.

Configure tmux to lock session after inactivity

configure_tmux_lock_after_time

Description

To enable console screen locking in tmux terminal multiplexer after a period of inactivity, the lock-after-time option has to be set to a value greater than 0 and less than or equal to 900 in /etc/tmux.conf.

Rationale

Locking the session after a period of inactivity limits the potential exposure if the session is left unattended.

Configure the tmux lock session key binding

configure_tmux_lock_keybinding

Description

To set a key binding for the screen locking in tmux terminal multiplexer, the session-lock command must be bound to a key. Add the following line to /etc/tmux.conf:

bind X lock-session
. The console can now be locked with the following key combination:
Ctrl+b Shift+x

Rationale

The tmux package allows for a session lock to be implemented and configured. However, the session lock is implemented by an external command. The tmux default configuration does not contain an effective session lock.