STIGQter: STIG Summary: Solaris 11 X86 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The operating system must implement transaction recovery for transaction-based systems.

DISA Rule

SV-216219r603268_rule

Vulnerability Number

V-216219

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-080150

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000553 - The information system implements transaction recovery for systems that are transaction-based.

Weight

10

Fix Recommendation

The root role is required.

Solaris 11 ZFS copy-on-write model allows filesystem accesses to work according to a transactional model, such that on-disk content is always consistent and cannot be configured to be out of compliance.

If any UFS file systems are mounted with the "nologging" options, remove that option from the /etc/vfstab file.

# pfedit /etc/vfstab

Locate any file systems listed with the "nologging" option and delete the keyword "nologging".

Check Contents

Solaris 11 ZFS copy-on-write model allows filesystem accesses to work according to a transactional model, such that on-disk content is always consistent and cannot be configured to be out of compliance.

Determine if any UFS file systems are mounted with the "nologging" option.

# mount|grep nologging

If any file systems are listed, this is a finding.

Vulnerability Number

V-216219

Documentable

False

Rule Version

SOL-11.1-080150

Severity Override Guidance

Solaris 11 ZFS copy-on-write model allows filesystem accesses to work according to a transactional model, such that on-disk content is always consistent and cannot be configured to be out of compliance.

Determine if any UFS file systems are mounted with the "nologging" option.

# mount|grep nologging

If any file systems are listed, this is a finding.

Check Content Reference

M

Target Key

4021

Comments