STIGQter STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The root file system must employ journaling or another mechanism ensuring file system consistency.

DISA Rule

SV-227808r603266_rule

Vulnerability Number

V-227808

Group Title

SRG-OS-000480

Rule Version

GEN003640

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Implement file system journaling for the root file system, or use a file system using other mechanisms to ensure consistency. If the root file system supports journaling, enable it. If the file system does not support journaling or another mechanism to ensure consistency, a migration to a different file system will be necessary.

Check Contents

Logging should be enabled for those types of files systems that do not turn on logging by default.

Procedure:
# mount -v

UFS, JFS, VXFS, HFS, XFS, reiserfs, EXT3 and EXT4 all turn logging on by default and will not be a finding. The ZFS file system uses other mechanisms to provide for file system consistency, and will not be a finding. For other file systems types, if the root file system does not have the 'logging' option, this is a finding. If the 'nolog' option is set on the root file system, this is a finding.

Vulnerability Number

V-227808

Documentable

False

Rule Version

GEN003640

Severity Override Guidance

Logging should be enabled for those types of files systems that do not turn on logging by default.

Procedure:
# mount -v

UFS, JFS, VXFS, HFS, XFS, reiserfs, EXT3 and EXT4 all turn logging on by default and will not be a finding. The ZFS file system uses other mechanisms to provide for file system consistency, and will not be a finding. For other file systems types, if the root file system does not have the 'logging' option, this is a finding. If the 'nolog' option is set on the root file system, this is a finding.

Check Content Reference

M

Target Key

4061

Comments