Skip to content

Ensure /var Located On Separate Partition

An XCCDF Rule

Description

The /var directory is used by daemons and other system services to store frequently-changing data. Ensure that /var has its own partition or logical volume at installation time, or migrate it using LVM.

Rationale

Ensuring that /var is mounted on its own partition enables the setting of more restrictive mount options. This helps protect system services such as daemons or other programs which use it. It is not uncommon for the /var directory to contain world-writable directories installed by other software packages.

ID
xccdf_org.ssgproject.content_rule_partition_for_var
Severity
Low
References
Updated



Remediation - OS Build Blueprint


[[customizations.filesystem]]
mountpoint = "/var"
size = 3221225472

Remediation - Anaconda Pre-Install Instructions


part /var