Skip to content
Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux CoreOS 4

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Configure SELinux Policy

    The SELinux <code>targeted</code> policy is appropriate for general-purpose desktops and servers, as well as systems in many other roles. To configure the system to use this policy, add or correct ...
    Rule Medium Severity
    Show

  • SELinux - Booleans

    Enable or Disable runtime customization of SELinux system policies without having to reload or recompile the SELinux policy.
    Group
    Show

  • deny_execmem SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • polyinstantiation_enabled SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • secure_mode_insmod SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • selinuxuser_execheap SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • selinuxuser_execstack SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • Disable All NFS Services if Possible

    If there is not a reason for the system to operate as either an NFS client or an NFS server, follow all instructions in this section to disable subsystems required by NFS.
    Group
    Show

  • Avahi Server

    The Avahi daemon implements the DNS Service Discovery and Multicast DNS protocols, which provide service and host discovery on a network. It allows a system to automatically identify resources on t...
    Group
    Show

  • Configure Avahi if Necessary

    If your system requires the Avahi daemon, its configuration can be restricted to improve security. The Avahi daemon configuration file is <code>/etc/avahi/avahi-daemon.conf</code>. The following se...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules