Department of Defense Red Hat Enterprise Linux 8 compliance

The U.S. Department of Defense (DoD) requires highly secure computer systems. This level of security and quality defined by DoD meets with the quality and customer base of Red Hat Enterprise Linux® Server 8.

PowerSC supports the requirements of the Department of Defense Red Hat Enterprise Linux 8 STIG. A summary of the requirements and how to ensure that compliance are provided in the table that follows.

Note: All of the custom script files that are provided to maintain DoD compliance are in the /etc/security/pscxpert/custom directory.
Table 1. Red Hat Enterprise Linux 8 STIG requirements
Department of Defense STIG Finding Group Description Location of the script where the action is defined and the results of the action that enables compliance
V-230221 RHEL8 Security Recommendation Rules RHEL 8 must be a vendor-supported release.
Location
/etc/security/pscxpert/bin/adapter
Compliance action
Automatically enables the specified security recommendation.
V-230558 RHEL8 Security Recommendation Rules A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
Location
/etc/security/pscxpert/bin/adapter
Compliance action
Automatically enables the specified security recommendation.
V-230380 RHEL8 Security Recommendation Rules Accounts with empty passwords should never be used in operational environments.
Location
/etc/security/pscxpert/bin/adapter
Compliance action
Automatically enables the specified security recommendation.
V-230533 RHEL8 Security Recommendation Rules The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
Location
/etc/security/pscxpert/bin/adapter
Compliance action
Automatically enables the specified security recommendation.
V-230492 RHEL8 Security Recommendation Rules RHEL 8 must not have the rsh-server package installed.
Location
/etc/security/pscxpert/bin/adapter
Compliance action
Automatically enables the specified security recommendation.