a841e184de
This patch updates the documentation for the developer notes associated with the Cat 2 (Medium) controls applied by the security role. Partial-bug: 1583744 Change-Id: Ic342f33942521db009185585a21208a4688f6ed3
21 lines
676 B
ReStructuredText
21 lines
676 B
ReStructuredText
**Exception**
|
|
|
|
The STIG requires that the audit system must switch the entire system into
|
|
single-user mode when the space for logging becomes dangerously low.
|
|
|
|
.. note::
|
|
|
|
**This will cause serious service disruptions for any environment and
|
|
should only be enabled for extremely high security environments.**
|
|
|
|
The ``security_admin_space_left_action`` configuration is set to ``SUSPEND`` by
|
|
default, and this will cause logging to be temporarily suspended until disk
|
|
space is freed.
|
|
|
|
For extremely high security environments, this Ansible variable can be
|
|
provided to meet the requirements of the STIG:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_admin_space_left_action: SINGLE
|