Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable Smartcards in SSSD

    SSSD should be configured to authenticate access to the system using smart cards. To enable smart cards in SSSD, set <code>pam_cert_auth</code> to ...
    Rule Medium Severity
  • SSSD Has a Correct Trust Anchor

    SSSD must have acceptable trust anchor present.
    Rule Medium Severity
  • Configure SSSD's Memory Cache to Expire

    SSSD's memory cache should be configured to set to expire records after <code><xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_sssd_mem...
    Rule Medium Severity
  • Configure SSSD to Expire Offline Credentials

    SSSD should be configured to expire offline credentials after 1 day. Check if SSSD allows cached authentications with the following command: <pre>...
    Rule Medium Severity
  • Configure SSSD to run as user sssd

    SSSD processes should be configured to run as user sssd, not root.
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules