Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Configure Security Tools to Improve System Robustness

    Several tools exist which can be effectively used to improve a system's resistance to and detection of unknown attacks. These tools can improve rob...
    Group
    Show

  • Formatting Conventions

    Commands intended for shell execution, as well as configuration file text, are featured in a <code>monospace font</code>. <i>Italics</i> are used t...
    Group
    Show

  • Read Sections Completely and in Order

    Each section may build on information and recommendations discussed in prior sections. Each section should be read and understood completely; instr...
    Group
    Show

  • Reboot Required

    A system reboot is implicitly required after some actions in order to complete the reconfiguration of the system. In many cases, the changes will n...
    Group
    Show

  • Root Shell Environment Assumed

    Most of the actions listed in this document are written with the assumption that they will be executed by the root user running the <code>/bin/bash...
    Group
    Show

  • Test in Non-Production Environment

    This guidance should always be tested in a non-production environment before deployment. This test environment should simulate the setup in which t...
    Group
    Show

  • Set existing passwords a period of inactivity before they been locked

    Configure user accounts that have been inactive for over a given period of time to be automatically disabled by running the following command: <pre...
    Rule Medium Severity
    Show

  • Restrict unprivileged access to the kernel syslog

    Enforce restrictions on unprivileged users reading the kernel syslog via dmesg(8). The configuration that was used to build kernel is available at...
    Rule Medium Severity
    Show

  • Verify Permissions and Ownership of Old Passwords File

    To properly set the owner of <code>/etc/security/opasswd</code>, run the command: <pre>$ sudo chown root /etc/security/opasswd </pre> To properly ...
    Rule Medium Severity
    Show

  • Verify Group Who Owns /etc/shells File

    To properly set the group owner of /etc/shells, run the command: 
    $ sudo chgrp root /etc/shells
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules