Red Hat Insights Client Does Not Meet CIS Benchmark

Solution In Progress - Updated -

Issue

Disclaimer:  Links contained herein to external website(s) are provided for convenience only.  Red Hat has not reviewed the links and is not responsible for the content or its availability.  The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services.  You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

  • The audit rule in section 4.2.3 of the RHEL 7 & RHEL 8 Center for Internet Security (CIS) benchmarks state that there must not be any 'other' permissions on log files.
  • The Red Hat Insights client creates log files in /var/log/insights-client.  That directory is owned by the root user and root group and has '700' permissions.  Still, the fact that files in that directory are created with 644 permissions triggers the CIS audit rule.

Environment

  • Red Hat Enterprise Linux 7 (RHEL 7)
  • Red Hat Enterprise Linux 8 (RHEL 8)
  • Red Hat Enterprise Linux 9 (RHEL 9)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content