tried to repartition on 6.7 for the DISA STIG, hangs at boot


I am building a system that must be stigged. I let the install do what it felt like, but that resulted in a gigantic /home partition and most of the security-interesting bits all being in the same volume as /. I created a smaller /home to recoup room, and created new partitions to put /var, /var/log, /var/log/audit and /opt in (STIG says "do it"):
lvremove vg/lv_home

lvcreate -L {sane}M -n lv_home

similar lines for the others, and formatted them from the disk manager.

I created temporary mount points for these, mounted them and ran these commands:

cd $old (where old is one of the directories mentioned)
tar -cf ../$old.tar *
cd ../$new ($new is a temporary mount point)
tar -xf ../$old.tar

I then edited fstab to include lines to mount the new partitions.

The system comes up to the splash screen and stays there, although having let it go over last night maybe it has done something. I can't check for a while.

So, boot to single user and correct fstab? Reinstall? How do people install when they know they want to STIG the system? I am mostly a BSD guy on the Linux side, so LVM is a real novelty for me.

Responses

OK, I have been able to get the system to start with /var/log and /var/audit on separate partitions from /, but when I try to do the same with /var, the problem is back.

What is so special about /var compared to /var/log/*?

'tar' may not be the best command for copying /var, as /var is likely to contain sockets, named pipes, and other weird file types that aren't handled well (or at all) by 'tar' (certainly not with default options).

I have moved /var in the past, but I don't think I've done it on RHEL 6+, and I generally do it from single-user mode or better yet rescue mode.

(also, I would avoid saving a duplicate copy of the data in a file, by piping the output of the first 'tar' directly to the second:

cd $OLDDIR; tar cf - . | (cd $NEWDIR; tar xf - )

note the spaces!)

This is why you go old-school and use dump. When you target the device, it streams the entirety of the data hosted on top and transfers it to your destination.

Why not just 'cp' the data from old to new? James brings up a good point about sockets, etc. Bring the system up in rescue mode to prevent any dynamic things from living in /var during the copy.

Ended up reinstalling. Was no data on it yet. Thanks to all.

Glad you got it resolved, Edward.

SELinux contexts buggered another person who recently posted in this discussion forum and had to migrate data from /var to a new partition. You may have to relabel a new partition. Anyone reading this with a similar issue may need to remember to validate SELinux contexts, and perhaps (only) temporarily turn off SELinux in the /etc/selinux/config file (and re-enable it after the test of a reboot).

It is strongly recommended to add the -p parameter, when using tar. This will preserve the file attributes.

Thanks one and all, this problem has been solved (started over on the installation).
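
Added example, not part of any post in this thread: the streamed `tar` copy from `.` with `-p` that the replies describe, next to the glob form from the original post, plus a manifest check that compares type, mode and ownership of every entry before fstab is pointed at the new volume. The function names and the mount point in the usage comment are hypothetical, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the thread). Run from rescue or single-user mode
# so nothing is writing to the tree while it is copied.

# copy_tree SRC DST: stream SRC into DST with no intermediate archive file.
# "." (not "*") includes top-level dotfiles; -p on extract keeps the stored
# modes instead of filtering them through the umask.
copy_tree() {
    src=$1; dst=$2
    [ -d "$src" ] && [ -d "$dst" ] || return 2
    (cd "$src" && tar -cpf - .) | (cd "$dst" && tar -xpf -)
}

# The glob form from the original post, kept only for contrast:
# "*" does not match dotfiles, so they never reach the archive.
copy_tree_glob() {
    (cd "$1" && tar -cf - *) | (cd "$2" && tar -xf -)
}

# tree_manifest DIR: one sorted line per entry: type, mode, owner:group, path.
tree_manifest() {
    (cd "$1" && find . -exec stat -c '%F %a %U:%G %n' {} + | LC_ALL=C sort)
}

# verify_copy SRC DST: returns 0 only if both manifests are identical;
# otherwise prints the differing entries (missing files, changed modes).
verify_copy() {
    m=$(mktemp -d) || return 2
    tree_manifest "$1" > "$m/src" &&
        tree_manifest "$2" > "$m/dst" &&
        diff "$m/src" "$m/dst"
    rc=$?
    rm -rf "$m"
    return $rc
}

# Usage (hypothetical temporary mount point):
#   copy_tree /var /mnt/newvar && verify_copy /var /mnt/newvar
```

The manifest does not cover SELinux labels; on an SELinux system, relabel the new filesystem with `restorecon -R` once it is mounted at its final path.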
