openstack/openstack-ansible-security
Code Issues Proposed changes

[Docs] Exceptions for user init files

Browse Source 
Making broad changes to user initialization files with Ansible is
disruptive to the contents of home directories. This patch contains
documentation for exceptions.

Implements: blueprint security-rhel7-stig
Change-Id: Ia9d2cb336ab2a9f7af7baec644d3b04535f498e6
This commit is contained in:
Major Hayden
2016-12-15 10:45:07 -06:00
parent 8e82b13e4b
commit 9294b06d68
3 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
doc/metadata/rhel7/RHEL-07-020840.rst
View File

@@ -1,7 +1,13 @@
---
id: RHEL-07-020840
status: not implemented
tag: misc
status: exception - manual intervention
tag: file_perms
---
This STIG requirement is not yet implemented.
Although the STIG requires that all initialization files for interactive users
have proper owners, group owners, and permissions, these changes are often
disruptive for users. The tasks in the security role do not make any changes
to user initialization files.
Deployers should review the content and discretionary access controls applied
to each user's initialization files in their home directory.

12
doc/metadata/rhel7/RHEL-07-020850.rst
View File

@@ -1,7 +1,13 @@
---
id: RHEL-07-020850
status: not implemented
tag: misc
status: exception - manual intervention
tag: file_perms
---
This STIG requirement is not yet implemented.
Although the STIG requires that all initialization files for interactive users
have proper owners, group owners, and permissions, these changes are often
disruptive for users. The tasks in the security role do not make any changes
to user initialization files.
Deployers should review the content and discretionary access controls applied
to each user's initialization files in their home directory.

12
doc/metadata/rhel7/RHEL-07-020860.rst
View File

@@ -1,7 +1,13 @@
---
id: RHEL-07-020860
status: not implemented
tag: misc
status: exception - manual intervention
tag: file_perms
---
This STIG requirement is not yet implemented.
Although the STIG requires that all initialization files for interactive users
have proper owners, group owners, and permissions, these changes are often
disruptive for users. The tasks in the security role do not make any changes
to user initialization files.
Deployers should review the content and discretionary access controls applied
to each user's initialization files in their home directory.