Guide to the Secure Configuration of Red Hat Enterprise Linux 10
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Maximum audit log file size for auditd
The setting for max_log_file in /etc/audit/auditd.confValue -
Action for auditd to take when log files reach their maximum size
The setting for max_log_file_action in /etc/audit/auditd.conf. The following options are available: <br>ignore - audit daemon does nothing. <br>sys...Value -
Type of hostname to record the audit event
Type of hostname to record the audit eventValue -
Number of log files for auditd to retain
The setting for num_logs in /etc/audit/auditd.confValue -
Size remaining in disk space before prompting space_left_action
The setting for space_left (MB) in /etc/audit/auditd.confValue -
Action for auditd to take when disk space just starts to run low
The setting for space_left_action in /etc/audit/auditd.confValue -
The percentage remaining in disk space before prompting space_left_action
The setting for space_left as a percentage in /etc/audit/auditd.confValue -
Configure a Sufficiently Large Partition for Audit Logs
The Red Hat Enterprise Linux 10 operating system must allocate audit record storage capacity to store at least one weeks worth of audit records whe...Rule Medium Severity -
Configure auditd to use audispd's syslog plugin
To configure the <code>auditd</code> service to use the <code>syslog</code> plug-in of the <code>audispd</code> audit event multiplexor, set the <c...Rule Medium Severity -
Configure auditd Disk Error Action on Disk Error
The <code>auditd</code> service can be configured to take an action when there is a disk error. Edit the file <code>/etc/audit/auditd.conf</code>. ...Rule Medium Severity -
Uninstall iprutils Package
Theiprutilspackage can be removed with the following command:$ sudo dnf remove iprutils
Rule Medium Severity -
Uninstall tuned Package
Thetunedpackage can be removed with the following command:$ sudo dnf remove tuned
Rule Medium Severity -
Updating Software
The <code>dnf</code> command line tool is used to install and update software packages. The system also provides a graphical software update tool i...Group -
Install dnf-automatic Package
Thednf-automaticpackage can be installed with the following command:$ sudo dnf install dnf-automatic
Rule Medium Severity -
Ensure dnf Removes Previous Package Versions
<code>dnf</code> should be configured to remove previous software components after new versions have been installed. To configure <code>dnf</code> ...Rule Low Severity -
Configure dnf-automatic to Install Available Updates Automatically
To ensure that the packages comprising the available updates will be automatically installed by <code>dnf-automatic</code>, set <code>apply_updates...Rule Medium Severity -
Ensure that Root's Path Does Not Include World or Group-Writable Directories
For each element in root's path, run:# ls -ld DIRand ensure that write permissions are disabled for group and other.Rule Medium Severity -
Enable the auditadm_exec_content SELinux Boolean
By default, the SELinux boolean <code>auditadm_exec_content</code> is enabled. If this setting is disabled, it should be enabled. To enable the <c...Rule Medium Severity -
Disable the authlogin_nsswitch_use_ldap SELinux Boolean
By default, the SELinux boolean <code>authlogin_nsswitch_use_ldap</code> is disabled. If this setting is enabled, it should be disabled. To disabl...Rule Medium Severity -
Disable the authlogin_radius SELinux Boolean
By default, the SELinux boolean <code>authlogin_radius</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.