dccce1d5cc
This patch gets the docs adjusted to work with the new RHEL 7 STIG version 1 release. The new STIG release has changed all of the numbering, but it maintains a link to (most) of the old STIG IDs in the XML. Closes-bug: 1676865 Change-Id: I65023fe63163c9804a3aec9dcdbf23c69bedb604
797 B
797 B
---id: V-71849 status: opt-in tag: file_perms ---
Note
Ubuntu's debsums command does not support verification
of permissions and ownership for files that were installed by packages.
This STIG requirement will be skipped on Ubuntu.
The STIG requires that all files owned by an installed package must have their permissions, user ownership, and group ownership set back to the vendor defaults.
Although this is a good practice, it can cause issues if permissions or ownership were intentionally set after the packages were installed. It also causes significant delays in deployments. Therefore, this STIG is not applied by default.
Deployers may opt in for the change by setting the following Ansible variable:
security_reset_perm_ownership: yes