diff options
Diffstat (limited to 'xml/SCAP/gentoo-xccdf.xml')
-rw-r--r-- | xml/SCAP/gentoo-xccdf.xml | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/xml/SCAP/gentoo-xccdf.xml b/xml/SCAP/gentoo-xccdf.xml index e51a0ab..1057fb3 100644 --- a/xml/SCAP/gentoo-xccdf.xml +++ b/xml/SCAP/gentoo-xccdf.xml @@ -73,6 +73,10 @@ <select idref="xccdf_org.gentoo.dev.swift_rule_partition-devshm-noexec" selected="true" /> <!-- Kernel quota support must be enabled --> <select idref="xccdf_org.gentoo.dev.swift_rule_kernel-quota" selected="true" /> + <!-- /var is mounted with usrquota or grpquota --> + <select idref="xccdf_org.gentoo.dev.swift_rule_var-quota" selected="true" /> + <!-- /home is mounted with usrquota or grpquota --> + <select idref="xccdf_org.gentoo.dev.swift_rule_home-quota" selected="true" /> <!-- No telnetd process is running --> <select idref="xccdf_org.gentoo.dev.swift_rule_telnetd-notrunning" selected="true" /> <!-- No ftpd process is running --> @@ -949,6 +953,24 @@ mount -o remount,noexec /dev/shm <check-content-ref name="oval:org.gentoo.dev.swift:def:18" href="gentoo-oval.xml" /> </check> </Rule> + <Rule id="xccdf_org.gentoo.dev.swift_rule_var-quota" selected="false" severity="low" weight="1.7"> + <title>The /var file system is mounted with usrquota or grpquota</title> + <fixtext fixref="xccdf_org.gentoo.dev.swift_fix_var-quota">Mount /var with usrquota and/or grpquota</fixtext> + <fix id="xccdf_org.gentoo.dev.swift_fix_partition-var-quota" + system="urn:xccdf:fix:system:commands" + platform="cpe:/o:gentoo:linux" complexity="low" disruption="low" reboot="false"> +mount -o remount,usrquota,grpquota /var + </fix> + </Rule> + <Rule id="xccdf_org.gentoo.dev.swift_rule_home-quota" selected="false" severity="low" weight="1.7"> + <title>The /home file system is mounted with usrquota or grpquota</title> + <fixtext fixref="xccdf_org.gentoo.dev.swift_fix_home-quota">Mount /home with usrquota and/or grpquota</fixtext> + <fix id="xccdf_org.gentoo.dev.swift_fix_partition-home-quota" + system="urn:xccdf:fix:system:commands" + platform="cpe:/o:gentoo:linux" complexity="low" disruption="low" reboot="false"> +mount -o remount,usrquota,grpquota /home + </fix> + </Rule> </Group> <!-- system-fs-quotas --> </Group> <!-- system-fs --> <Group id="xccdf_org.gentoo.dev.swift_group_system-services"> |