Ensure separate partition exists for /var
Details The /var directory is used by daemons and other system services to temporarily store dynamic data. Some directories created...
- Home
- Security Hardening
- CIS SUSE Linux Enterprise Server 11 L2 V2.1.0
CIS SUSE Linux Enterprise Server 11 L2 V2.1.0
Ensure separate partition exists for /var/log
Details The /var/log directory is used by system services to store log data . There are two important reasons to...Ensure separate partition exists for /var/log/audit
Details The auditing daemon, auditd, stores log data in the /var/log/audit directory. There are two important reasons to ensure that...Ensure separate partition exists for /var/tmp
Details The /var/tmp directory is a world-writable directory used for temporary storage by all users and some applications. Since the...Ensure SETroubleshoot is not installed
Details The SETroubleshoot service notifies desktop users of SELinux denials through a user-friendly interface. The service provides important information around...Ensure system is disabled when audit logs are full – action_mail_acct
Details The auditd daemon can be configured to halt the system when the audit logs are full. In high security...Ensure system is disabled when audit logs are full – admin_space_left_action
Details The auditd daemon can be configured to halt the system when the audit logs are full. In high security...Ensure system is disabled when audit logs are full – space_left_action
Details The auditd daemon can be configured to halt the system when the audit logs are full. In high security...Ensure the MCS Translation Service (mcstrans) is not installed
Details The mcstransd daemon provides category label information to client processes requesting information. The label translations are defined in /etc/selinux/targeted/setrans.conf...Ensure the SELinux state is enforcing
Details Set SELinux to enable when the system is booted. SELinux must be enabled at boot time in to ensure...