Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
System Audit Logs Must Have Mode 0750 or Less Permissive
If <code>log_group</code> in <code>/etc/audit/auditd.conf</code> is set to a group other than the <code>root</code> group account, change the mode...Rule Medium Severity -
Audit Configuration Files Must Be Owned By Group root
All audit configuration files must be owned by group root.chown :root /etc/audit/audit*.{rules,conf} /etc/audit/rules.d/*
Rule Medium Severity -
Audit Configuration Files Must Be Owned By Root
All audit configuration files must be owned by root user. To properly set the owner of <code>/etc/audit/</code>, run the command: <pre>$ sudo chow...Rule Medium Severity -
System Audit Logs Must Be Owned By Root
All audit logs must be owned by root user and group. By default, the path for audit log is <pre>/var/log/audit/</pre>. To properly set the owner o...Rule Medium Severity -
Audit Configuration Files Permissions are 640 or More Restrictive
All audit configuration files permissions must be 640 or more restrictive.chmod 0640 /etc/audit/audit*.{rules,conf} /etc/audit/rules.d/*
Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules