openstack/ansible-hardening
Code Issues Proposed changes
ansible-hardening/doc/metadata/rhel7/RHEL-07-021260.rst
Major Hayden 325fe758d3 Ensure separate filesystems exist [+Docs] 
This STIG has requirements for separate filesystems for some mounts, but this
can only be done during the initial provisioning process.

Documentation is included.

Implements: blueprint security-rhel7-stig
Change-Id: I70b6e929b54648bfa7af62005a7d9ab2f397db22
2016-12-09 18:22:44 +00:00

14 lines
470 B
ReStructuredText
Raw Blame History

---
id: RHEL-07-021260
status: exception - initial provisioning
tag: misc
---
Deployers should consider using filesystem mounts for ``/var/log/audit`` during
the initial server provisioning process. Adding filesystem mounts after a
system is provisioned might lead to downtime.
The tasks in the security role do not take action on filesystem mounts. If the
server does not mount ``/var/log/audit`` as a separate filesystem, a warning is
printed in the Ansible output.
View Git Blame Copy Permalink