inspec-profile-disa_stig-el7 icon indicating copy to clipboard operation
inspec-profile-disa_stig-el7 copied to clipboard

Published 20 hours ago verified publisher icon simp

A check needs to be in place to ensure that there is an 'audit=1' parameter added to the kernel

Open trevor-vaughan opened this issue 7 years ago • 4 comments

Without this, auditing is not guaranteed to be started at the earliest possible moment during the boot sequence.

trevor-vaughan avatar Sep 29 '17 18:09 trevor-vaughan

chef/inspec#2197 is relevant to this

@jburns12 You may want to take a swipe at this if you have time.

trevor-vaughan avatar Sep 29 '17 18:09 trevor-vaughan

What control is this part of?

Bialogs avatar Mar 04 '19 19:03 Bialogs

The best I can find is the RHEL 6 STIG V-38438 which is exactly what you are describing. I do not see a similar control for RHEL 7 (Lookin in the latest 2.2 January 2019).

Bialogs avatar Mar 11 '19 14:03 Bialogs

While this is probably a good thing to have configured in general I don't think we want to be validating things that aren't mandated in the STIG.

ljkimmel avatar Mar 25 '20 18:03 ljkimmel