The operating system must preserve organization-defined system state information in the event of a system failure.
The following DISA STIG ID was in RHEL 6:
The operating system must preserve organization-defined system state information in the event of a system failure.
The fix text said the following: RHEL6 supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding.
Our organization is now running RHEL 7.4 and I am wondering does this still apply? What settings/files are configured to force a system into a "defined" state?
Responses
Hi Mike, which one of these items http://people.redhat.com/swells/scap-security-guide/tables/table-rhel6-stig.html in particular were you referring to?
Also, for the current rhel7 stig requirements, examine this SCC 5.0.2 RHEL 7 x86 64 *PKI https://iase.disa.mil/stigs/scap/Pages/index.aspx. This link is the stig home at disa
When you extract that, you end up with an DISA provided rpm which has some readme info that's useful for install/running to get your stig status for a system. There are some false positives.
I looked, could not see the language you speak of. Do you have the precise stig text for that requirement? (I see you're asking about rhel6 stig and it's applicability to rhel7)
Regards,
RJ
The RHEL 7 stig (xml file that you read with a web browser) has nothing on that. However, I found this http://people.redhat.com/swells/scap-security-guide/tables/table-rhel7-srgmap.html and search for SRG-OS-000269-GPOS-00103 CCI-001665. Also see this
Product Meets this Requirement This requirement is a permanent not a finding. No fix is required.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
