Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure auditd Collects Information on the Use of Privileged Commands - reboot

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Verify the UEFI Boot Loader grub.cfg User Ownership

    The file <code>/boot/efi/EFI/redhat/grub.cfg</code> should be owned by the <code>root</code> user to prevent destruction or modification of the fil...
    Rule Medium Severity
  • cron_system_cronjob_use_shares SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
  • Verify /boot/efi/EFI/redhat/user.cfg User Ownership

    The file <code>/boot/efi/EFI/redhat/user.cfg</code> should be owned by the <code>root</code> user to prevent reading or modification of the file. ...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - shutdown

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands

    The audit system should collect information about usage of privileged commands for all users. These are commands with suid or sgid bits on and they...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - at

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - chage

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Record Any Attempts to Run ssh-agent

    At a minimum, the audit system should collect any execution attempt of the <code>ssh-agent</code> command for all users and root. If the <code>audi...
    Rule Medium Severity
  • Action for auditd to take when disk is full

    'The setting for disk_full_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt...
    Value

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules