bfcf6c7423
This role contains around 150 controls from the 270+ controls that exist in the RHEL 6 STIG. New controls are still being added. Implements: blueprint security-hardening Change-Id: I0578f86bf42d55242bc72b97b40a5935a3cb18d6
848 B
848 B
Ubuntu's default for disk_full_action is
SUSPEND, which actually only suspends audit logging. That
could be a security issue, so SYSLOG is recommended and is
set by default be openstack-ansible-security. If syslog messages are
being sent to remote servers, these log messages should alert an
administrator about the disk being full. There are additional options
available, like EXEC, SINGLE or
HALT.
To configure a different disk_full_action, set the
following Ansible variable:
disk_full_action = SYSLOGFor details on available settings and what they do, run
man auditd.conf. Some options can cause the host to go
offline until the issue is fixed. Deployers are urged to
carefully read the auditd documentation prior to
changing the disk_full_action setting from the default.