[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30477 Download | Alert*

Ensure gpgcheck Enabled For All Yum Package Repositories To ensure signature checking is not disabled for any repos, remove any lines from files in '/etc/yum.repos.d' of the form: 'gpgcheck=0'

Set the GNOME3 Login Warning Banner Text To set the text shown by the GNOME3 Display Manager in the login screen, the 'banner-message-text' setting must be set under an appropriate configuration file(s) in the '/etc/dconf/db/gdm.d' directory and locked in '/etc/dconf/db/gdm.d/locks' directory to prevent user modification. After the settings have been set, run 'dconf update'. When entering a war ...

Ensure Red Hat GPG Key Installed To ensure the system can cryptographically verify base software packages come from Red Hat (and to connect to the Red Hat Network to receive them), the Red Hat GPG key must properly be installed. To install the Red Hat GPG key, run: '$ sudo rhn_register' If the system is not connected to the Internet or an RHN Satellite, then install the Red Hat GPG key from tru ...

Ensure /var/log Located On Separate Partition System logs are stored in the '/var/log' directory. Ensure that it has its own partition or logical volume at installation time, or migrate it using LVM.

Enable GNOME3 Login Warning Banner To enable displaying a login warning banner in the GNOME Display Manager's login screen, the 'banner-message-enable' setting must be set under an appropriate configuration file(s) in the '/etc/dconf/db/gdm.d' directory and locked in '/etc/dconf/db/gdm.d/locks' directory to prevent user modification. After the settings have been set, run 'dconf update'. To dis ...

Ensure /var/log/audit Located On Separate Partition Audit logs are stored in the '/var/log/audit' directory. Ensure that it has its own partition or logical volume at installation time, or migrate it later using LVM. Make absolutely certain that it is large enough to store all audit logs that will be created by the auditing daemon.

System Audit Logs Must Have Mode 0640 or Less Permissive Change the mode of the audit log files with the following command: '$ sudo chmod 0640 audit_file'

Prevent Log In to Accounts With Empty Password If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without authentication. Remove any instances of the 'nullok' option in '/etc/pam.d/system-auth' to prevent logins with empty passwords.

Verify /boot/grub2/grub.cfg Permissions File permissions for '/boot/grub2/grub.cfg' should be set to 600. To properly set the permissions of '/boot/grub2/grub.cfg', run the command:

Verify that System Executables Have Restrictive Permissions System executables are stored in the following directories by default: /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin All files in these directories should not be group-writable or world-writable. If any file


Pages:      Start    2998    2999    3000    3001    3002    3003    3004    3005    3006    3007    3008    3009    3010    3011    ..   3047

© SecPod Technologies