Merge "Set action_email_acct in auditd [+Docs]"
This commit is contained in:
commit
66d1cf2cfc
|
@ -1,7 +1,14 @@
|
|||
---
|
||||
id: RHEL-07-030352
|
||||
status: not implemented
|
||||
tag: misc
|
||||
status: implemented
|
||||
tag: auditd
|
||||
---
|
||||
|
||||
This STIG requirement is not yet implemented.
|
||||
The ``action_mail_acct`` configuration in the audit daemon configuration file
|
||||
is set to ``root`` to meet the requirements of the STIG. Deployers can
|
||||
customize the recipient of the emails that come from auditd by setting the
|
||||
following Ansible variable:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
security_rhel7_auditd_action_mail_acct: root
|
||||
|
|
|
@ -159,6 +159,9 @@
|
|||
- high
|
||||
- auditd
|
||||
- RHEL-07-030340
|
||||
- RHEL-07 030350
|
||||
- RHEL-07 030351
|
||||
- RHEL-07 030352
|
||||
|
||||
- name: Ensure auditd is running and enabled at boot time
|
||||
service:
|
||||
|
|
|
@ -34,6 +34,9 @@ auditd_config:
|
|||
- parameter: space_left_action
|
||||
value: "{{ security_rhel7_auditd_space_left_action }}"
|
||||
config: /etc/audit/auditd.conf
|
||||
- parameter: action_mail_acct
|
||||
value: "{{ security_rhel7_auditd_action_mail_acct }}"
|
||||
config: /etc/audit/auditd.conf
|
||||
|
||||
## auditd rules
|
||||
# This variable is used in tasks/rhel7stig/auditd.yml to deploy auditd rules
|
||||
|
|
Loading…
Reference in New Issue