Guide to the Secure Configuration of Oracle Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure All Accounts on the System Have Unique User IDs
Change user IDs (UIDs), or delete accounts, so each has a unique name.Rule Medium Severity -
Only Authorized Local User Accounts Exist on Operating System
Enterprise Application tends to use the server or virtual machine exclusively. Besides the default operating system user, there should be only authorized local users required by the installed softw...Rule Medium Severity -
number of days after the last login of the user when the user will be locked out
'This option is specific for the auth or account phase. It specifies the number of days after the last login of the user when the user will be locked out by the pam_lastlog module.'Value -
number of days after a password expires until the account is permanently disabled
The number of days to wait after a password expires, until the account will be permanently disabled.Value -
Set Account Expiration Following Inactivity in password-auth
Verify the account identifiers (individuals, groups, roles, and devices) are disabled after <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_account_disable_inactivity" use="legacy"></x...Rule Medium Severity -
Set Account Expiration Following Inactivity in system-auth
Verify the account identifiers (individuals, groups, roles, and devices) are disabled after <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_account_disable_inactivity" use="legacy"></x...Rule Medium Severity -
Ensure All Accounts on the System Have Unique Names
Ensure accounts on the system have unique names. To ensure all accounts have unique names, run the following command: <pre>$ sudo getent passwd | awk -F: '{ print $1}' | uniq -d</pre> If a usernam...Rule Medium Severity -
Use Centralized and Automated Authentication
Implement an automated system for managing user accounts that minimizes the risk of errors, either intentional or deliberate. This system should integrate with an existing enterprise user managemen...Rule Medium Severity -
maximum password age
Maximum age of password in daysValue -
minimum password age
Minimum age of password in daysValue
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.