Skip to content

Guide to the Secure Configuration of Ubuntu 16.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Action for auditd to take when disk is full

    'The setting for disk_full_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt...
    Value
  • Auditd priority for flushing data to disk

    The setting for flush in /etc/audit/auditd.conf
    Value
  • Number of Record to Retain Before Flushing to Disk

    The setting for freq in /etc/audit/auditd.conf
    Value
  • Maximum audit log file size for auditd

    The setting for max_log_file in /etc/audit/auditd.conf
    Value
  • Record Events that Modify User/Group Information

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity
  • System Audit Logs Must Have Mode 0750 or Less Permissive

    If <code>log_group</code> in <code>/etc/audit/auditd.conf</code> is set to a group other than the <code>root</code> group account, change the mode...
    Rule Medium Severity
  • Audit Configuration Files Must Be Owned By Group root

    All audit configuration files must be owned by group root.
    chown :root /etc/audit/audit*.{rules,conf} /etc/audit/rules.d/*
    Rule Medium Severity
  • Audit Configuration Files Must Be Owned By Root

    All audit configuration files must be owned by root user. To properly set the owner of <code>/etc/audit/</code>, run the command: <pre>$ sudo chow...
    Rule Medium Severity
  • System Audit Logs Must Be Owned By Root

    All audit logs must be owned by root user and group. By default, the path for audit log is <pre>/var/log/audit/</pre>. To properly set the owner o...
    Rule Medium Severity
  • Audit Configuration Files Permissions are 640 or More Restrictive

    All audit configuration files permissions must be 640 or more restrictive.
    chmod 0640 /etc/audit/audit*.{rules,conf} /etc/audit/rules.d/*
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules