Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Anolis OS 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Audit Configuration Files Permissions are 640 or More Restrictive

    All audit configuration files permissions must be 640 or more restrictive. 
    chmod 0640 /etc/audit/audit*.{rules,conf} /etc/audit/rules.d/*
    Rule Medium Severity
    Show

  • Record Events that Modify the System's Discretionary Access Controls

    At a minimum, the audit system should collect file permission changes for all users and root. Note that the "-F arch=b32" lines should be present e...
    Group
    Show

  • Action for audispd to take when network fails

    The setting for network_failure_action in /etc/audisp/audisp-remote.conf
    Value
    Show

  • Record Events that Modify the System's Discretionary Access Controls - chmod

    At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...
    Rule Medium Severity
    Show

  • Record Events that Modify the System's Discretionary Access Controls - chown

    At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...
    Rule Medium Severity
    Show

  • Record Events that Modify the System's Discretionary Access Controls - fchmod

    At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...
    Rule Medium Severity
    Show

  • Record Events that Modify the System's Discretionary Access Controls - fchmodat

    At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...
    Rule Medium Severity
    Show

  • Record Events that Modify the System's Discretionary Access Controls - fchown

    At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...
    Rule Medium Severity
    Show

  • Remote server for audispd to send audit records

    The setting for remote_server in /etc/audisp/audisp-remote.conf
    Value
    Show

  • Account for auditd to send email when actions occurs

    The setting for action_mail_acct in /etc/audit/auditd.conf
    Value
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules