Ensure SETroubleshoot is not installed
Details The SETroubleshoot service notifies desktop users of SELinux denials through a user-friendly interface. The service provides important information around...
- Home
- Security Hardening
- CIS Aliyun Linux 2 L2 V1.0.0
CIS Aliyun Linux 2 L2 V1.0.0
Ensure system is disabled when audit logs are full – email
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – halt
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – root
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure the MCS Translation Service (mcstrans) is not installed
Details The mcstransd daemon provides category label information to client processes requesting information. The label translations are defined in /etc/selinux/targeted/setrans.conf...Ensure the SELinux state is enforcing – /etc/selinux/config
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time in to...Ensure the SELinux state is enforcing – sestatus
Details Set SELinux to enable when the system is booted. Rationale: SELinux must be enabled at boot time in to...