bfcf6c7423
This role contains around 150 controls from the 270+ controls that exist in the RHEL 6 STIG. New controls are still being added. Implements: blueprint security-hardening Change-Id: I0578f86bf42d55242bc72b97b40a5935a3cb18d6
858 B
Ubuntu's default for space_left_action is
SUSPEND, which actually only suspends audit logging. That
could be a security issue, so SYSLOG is recommended and is
set by default be openstack-ansible-security. If syslog messages are
being sent to remote servers, these log messages should alert an
administrator about the disk being almost full. There are additional
options available, like EXEC, SINGLE or
HALT.
To configure a different space_left_action, set the
following Ansible variable:
space_left_action = SYSLOGFor details on available settings and what they do, run
man auditd.conf. Some options can cause the host to go
offline until the issue is fixed. Deployers are urged to
carefully read the auditd documentation prior to
changing the space_left_action setting from the
default.