Guide to the Secure Configuration of SUSE Linux Enterprise 12
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Add nosuid Option to /var
The <code>nosuid</code> mount option can be used to prevent execution of setuid programs in <code>/var</code>. The SUID and SGID permissions should...Rule Medium Severity -
Disable httpd Service
Thehttpdservice can be disabled with the following command:$ sudo systemctl mask --now httpd.service
Rule Unknown Severity -
389 Directory Server
389 Directory Server is a popular open-source LDAP server for Linux.Group -
Configure Systemd Timesyncd Servers
<code>systemd-timesyncd</code> is a daemon that has been added for synchronizing the system clock across the network. The <code>systemd-timesyncd</...Rule Medium Severity -
Configure Systemd Timesyncd Root Distance Servers
<code>systemd-timesyncd</code> server configuration should have RootDistanceMaxSec is listed in accordance with local policy. This setting describe...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules