STIGQter STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 1 Release: 26 Benchmark Date: 24 Jan 2020: The root file system must employ journaling or another mechanism ensuring file system consistency.

DISA Rule

SV-40021r1_rule

Vulnerability Number

V-4304

Group Title

GEN003640

Rule Version

GEN003640

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Implement file system journaling for the root file system, or use a file system using other mechanisms to ensure consistency. If the root file system supports journaling, enable it. If the file system does not support journaling or another mechanism to ensure consistency, a migration to a different file system will be necessary.

Check Contents

Logging should be enabled for those types of files systems that do not turn on logging by default.

Procedure:
# mount -v

UFS, JFS, VXFS, HFS, XFS, reiserfs, EXT3 and EXT4 all turn logging on by default and will not be a finding. The ZFS file system uses other mechanisms to provide for file system consistency, and will not be a finding. For other file systems types, if the root file system does not have the 'logging' option, this is a finding. If the 'nolog' option is set on the root file system, this is a finding.

Vulnerability Number

V-4304

Documentable

False

Rule Version

GEN003640

Severity Override Guidance

Logging should be enabled for those types of files systems that do not turn on logging by default.

Procedure:
# mount -v

UFS, JFS, VXFS, HFS, XFS, reiserfs, EXT3 and EXT4 all turn logging on by default and will not be a finding. The ZFS file system uses other mechanisms to provide for file system consistency, and will not be a finding. For other file systems types, if the root file system does not have the 'logging' option, this is a finding. If the 'nolog' option is set on the root file system, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

25

Comments