Guide to the Secure Configuration of Oracle Linux 9
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure AIDE to Verify the Audit Tools
The operating system file integrity tool must be configured to protect the integrity of the audit tools.Rule Medium Severity -
Federal Information Processing Standard (FIPS)
The Federal Information Processing Standard (FIPS) is a computer security standard which is developed by the U.S. Government and industry working g...Group -
Configure Periodic Execution of AIDE
At a minimum, AIDE should be configured to run a weekly scan. To implement a daily execution of AIDE at 4:05am using cron, add the following line t...Rule Medium Severity -
Configure Notification of Post-AIDE Scan Details
AIDE should notify appropriate personnel of the details of a scan after the scan has been run. If AIDE has already been configured for periodic exe...Rule Medium Severity -
Configure AIDE to Verify Access Control Lists (ACLs)
By default, the <code>acl</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>acl</code> optio...Rule Low Severity -
Configure AIDE to Verify Extended Attributes
By default, the <code>xattrs</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>xattrs</code>...Rule Low Severity -
Audit Tools Must Be Group-owned by Root
Oracle Linux 9 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing ...Rule Medium Severity -
Audit Tools Must Be Owned by Root
Oracle Linux 9 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing ...Rule Medium Severity -
Audit Tools Must Have a Mode of 0755 or Less Permissive
Oracle Linux 9 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing ...Rule Medium Severity -
Enable Dracut FIPS Module
To enable FIPS mode, run the following command: <pre>fips-mode-setup --enable</pre> To enable FIPS, the system requires that the <code>fips</code> ...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules