Guide to the Secure Configuration of Oracle Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
use_ecryptfs_home_dirs SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
user_exec_content SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xdm_bind_vnc_tcp_port SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xdm_exec_bootloader SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xdm_sysadm_login SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xdm_write_home SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xguest_connect_network SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xguest_exec_content SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xguest_mount_media SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xguest_use_bluetooth SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xserver_clients_write_xshm SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xserver_execmem SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
xserver_object_manager SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
Disable the abrt_handle_event SELinux Boolean
By default, the SELinux boolean <code>abrt_handle_event</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>abrt_handle_event</code> SELinux boolean, run th...Rule Medium Severity -
Enable the auditadm_exec_content SELinux Boolean
By default, the SELinux boolean <code>auditadm_exec_content</code> is enabled. If this setting is disabled, it should be enabled. To enable the <code>auditadm_exec_content</code> SELinux boolean, ...Rule Medium Severity -
Disable the cron_can_relabel SELinux Boolean
By default, the SELinux boolean <code>cron_can_relabel</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>cron_can_relabel</code> SELinux boolean, run the ...Rule Medium Severity -
Disable the cron_system_cronjob_use_shares SELinux Boolean
By default, the SELinux boolean <code>cron_system_cronjob_use_shares</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>cron_system_cronjob_use_shares</cod...Rule Medium Severity -
Enable the cron_userdomain_transition SELinux Boolean
By default, the SELinux boolean <code>cron_userdomain_transition</code> is enabled. This setting should be enabled as end user cron jobs run in their default associated user domain(s) instead of th...Rule Medium Severity -
Disable the daemons_dump_core SELinux Boolean
By default, the SELinux boolean <code>daemons_dump_core</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>daemons_dump_core</code> SELinux boolean, run th...Rule Medium Severity -
Disable the daemons_use_tcp_wrapper SELinux Boolean
By default, the SELinux boolean <code>daemons_use_tcp_wrapper</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>daemons_use_tcp_wrapper</code> SELinux boo...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.