Guide to the Secure Configuration of Red Hat Enterprise Linux 9
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure auditing of successful file creations (AArch64)
Ensure that successful attempts to create a file are audited. The following rules configure audit as described above: <pre>## Successful file crea...Rule Medium Severity -
cvs_read_shadow SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
Configure auditing of successful file creations (ppc64le)
Ensure that successful attempts to create a file are audited. The following rules configure audit as described above: <pre>## Successful file crea...Rule Medium Severity -
Configure auditing of unsuccessful file deletions
Ensure that unsuccessful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of unsuccessful file deletions (AArch64)
Ensure that unsuccessful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of unsuccessful file deletions (ppc64le)
Ensure that unsuccessful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of successful file deletions
Ensure that successful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Successful file dele...Rule Medium Severity -
Configure auditing of successful file deletions (AArch64)
Ensure that successful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Successful file dele...Rule Medium Severity -
Ensure syslog-ng is Installed
syslog-ng can be installed in replacement of rsyslog. The <code>syslog-ng-core</code> package can be installed with the following command: <pre> $ ...Rule Medium Severity -
Configure auditing of successful file deletions (ppc64le)
Ensure that successful attempts to delete a file are audited. The following rules configure audit as described above: <pre>## Successful file dele...Rule Medium Severity -
Configure immutable Audit login UIDs
Configure kernel to prevent modification of login UIDs once they are set. Changing login UIDs while this configuration is enforced requires special...Rule Medium Severity -
Configure auditing of unsuccessful file modifications
Ensure that unsuccessful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of unsuccessful file modifications (AARch64)
Ensure that unsuccessful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of unsuccessful file modifications (ppc64le)
Ensure that unsuccessful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Unsuccessful file ...Rule Medium Severity -
Configure auditing of successful file modifications
Ensure that successful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Successful file modi...Rule Medium Severity -
Enable syslog-ng Service
The <code>syslog-ng</code> service (in replacement of rsyslog) provides syslog-style logging by default on Debian. The <code>syslog-ng</code> serv...Rule Medium Severity -
Configure auditing of successful file modifications (AArch64)
Ensure that successful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Successful file modi...Rule Medium Severity -
Configure auditing of successful file modifications (ppc64le)
Ensure that successful attempts to modify a file are audited. The following rules configure audit as described above: <pre>## Successful file modi...Rule Medium Severity -
Configure auditing of loading and unloading of kernel modules
Ensure that loading and unloading of kernel modules is audited. The following rules configure audit as described above: <pre>## These rules watch ...Rule Medium Severity -
Configure auditing of loading and unloading of kernel modules (ppc64le)
Ensure that loading and unloading of kernel modules is audited. The following rules configure audit as described above: <pre>## These rules watch ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.