Skip to content

Guide to the Secure Configuration of Anolis OS 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Record Execution Attempts to Run ACL Privileged Commands

    At a minimum, the audit system should collect the execution of ACL privileged commands for all users and root.
    Group
  • Action for auditd to take when disk space is low

    The setting for admin_space_left_action in /etc/audit/auditd.conf
    Value
  • The percentage remaining in disk space before prompting admin_space_left_action

    The setting for admin_space_left as a percentage in /etc/audit/auditd.conf
    Value
  • Record File Deletion Events by User

    At a minimum, the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use t...
    Group
  • Ensure auditd Collects File Deletion Events by User

    At a minimum the audit system should collect file deletion events for all users and root. If the <code>auditd</code> daemon is configured to use th...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules