Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Oracle Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Don't target root user in the sudoers file

    The targeted users of a user specification should be, as much as possible, non privileged users (i.e.: non-root). User specifications have to expl...
    Rule Medium Severity
    Show

  • Updating Software

    The <code>dnf</code> command line tool is used to install and update software packages. The system also provides a graphical software update tool i...
    Group
    Show

  • Install dnf-automatic Package

    The dnf-automatic package can be installed with the following command: 
    $ sudo dnf install dnf-automatic
    Rule Medium Severity
    Show

  • Configure dnf-automatic to Install Available Updates Automatically

    To ensure that the packages comprising the available updates will be automatically installed by <code>dnf-automatic</code>, set <code>apply_updates...
    Rule Medium Severity
    Show

  • Configure dnf-automatic to Install Only Security Updates

    To configure <code>dnf-automatic</code> to install only security updates automatically, set <code>upgrade_type</code> to <code>security</code> unde...
    Rule Low Severity
    Show

  • Ensure gpgcheck Enabled In Main dnf Configuration

    The <code>gpgcheck</code> option controls whether RPM packages' signatures are always checked prior to installation. To configure dnf to check pack...
    Rule High Severity
    Show

  • Password Hashing algorithm

    Specify the system default encryption algorithm for encrypting passwords. Defines the value set as ENCRYPT_METHOD in /etc/login.defs.
    Value
    Show

  • Password Hashing algorithm for pam_unix.so

    Specify the system default encryption algorithm for encrypting passwords. Defines the hashing algorithm to be used in pam_unix.so.
    Value
    Show

  • Ensure gpgcheck Enabled for Local Packages

    <code>dnf</code> should be configured to verify the signature(s) of local packages prior to installation. To configure <code>dnf</code> to verify s...
    Rule High Severity
    Show

  • Ensure gpgcheck Enabled for All dnf Package Repositories

    To ensure signature checking is not disabled for any repos, remove any lines from files in <code>/etc/yum.repos.d</code> of the form: <pre>gpgcheck...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules