Department of Defense Red Hat Enterprise Linux 9 compliance

The U.S. Department of Defense (DoD) requires highly secure computer systems. The level of security and quality that the DoD defines is consistent with the quality and customer base of Red Hat Enterprise Linux® Server 9.

PowerSC supports the requirements of the Department of Defense Red Hat Enterprise Linux 9 STIG. A summary of the requirements and how to ensure compliance is provided in the table that follows.

Note: All of the custom script files that are provided to maintain DoD compliance are in the /etc/security/pscxpert/custom directory.

Table 1. Red Hat Enterprise Linux 9 STIG requirements

Columns: Department of Defense STIG Finding | Group | Description | Location of the script that modifies the setting
V-257778 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257778: RHEL 9 vendor packaged system security patches and updates must be installed and up to date. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/security_updates
V-257779 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257779: RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/etc_issue_text

Arguments: /etc/issue dod

V-257781 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257781: The graphical display manager must not be the default target on RHEL 9 unless approved. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/multi-user-default

Arguments:

V-257782 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257782: RHEL 9 must enable the hardware random number generator entropy gatherer service. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: rng-tools install

V-257782 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257782: RHEL 9 must enable the hardware random number generator entropy gatherer service. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: rng-tools active

V-257783 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257783: RHEL 9 systemd-journald service must be enabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: systemd-journald active

V-257784 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257784: The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ctrl_alt_del

Arguments: burst

V-257785 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257785: The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ctrl_alt_del

Arguments:

V-257786 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257786: RHEL 9 debug-shell systemd service must be disabled. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: debug-shell mask

V-257786 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257786: RHEL 9 debug-shell systemd service must be disabled. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: debug-shell disable

V-257787 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257787: RHEL 9 must require a boot loader superuser password. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: password

V-257788 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257788: RHEL 9 must disable the ability of systemd to spawn an interactive boot process. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args systemd.confirm_spawn remove

V-257789 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257789: RHEL 9 must require a unique superusers name upon booting into single-user and maintenance modes. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: grub_superuser_name

V-257790 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257790: RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /boot/grub2/grub.cfg :root NA NA

V-257791 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257791: RHEL 9 /boot/grub2/grub.cfg file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /boot/grub2/grub.cfg root: NA NA

V-257792 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257792: RHEL 9 must disable virtual system calls. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args vsyscall=none set

V-257793 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257793: RHEL 9 must clear the page allocator to prevent use-after-free attacks. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args vsyscall=none set

V-257794 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257794: RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args slub_debug=P set

V-257795 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257795: RHEL 9 must enable mitigations against processor-based vulnerabilities. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args pti=on set

V-257796 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257796: RHEL 9 must enable auditing of processes that start prior to the audit daemon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args audit=1 set

V-257797 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257797: RHEL 9 must restrict access to the kernel message buffer. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.dmesg_restrict 1

V-257798 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257798: RHEL 9 must prevent kernel profiling by nonprivileged users. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.perf_event_paranoid 2

V-257799 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257799: RHEL 9 must prevent the loading of a new kernel for later execution. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.kexec_load_disabled 1

V-257800 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257800: RHEL 9 must restrict exposed kernel pointer addresses access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.kptr_restrict 1

V-257801 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257801: RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel fs.protected_hardlinks 1

V-257802 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257802: RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel fs.protected_symlinks 1

V-257803 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257803: RHEL 9 must disable the kernel.core_pattern. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.core_pattern "|/bin/false"

V-257804 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257804: RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: atm

V-257805 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257805: RHEL 9 must be configured to disable the Controller Area Network kernel module. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: can

V-257806 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257806: RHEL 9 must be configured to disable the FireWire kernel module. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: firewire-core

V-257807 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257807: RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: sctp

V-257808 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257808: RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: tipc

V-257809 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257809: RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: aslr

V-257810 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257810: RHEL 9 must disable access to network bpf system call from nonprivileged processes. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.unprivileged_bpf_disabled 1

V-257811 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257811: RHEL 9 must restrict usage of ptrace to descendant processes. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel kernel.yama.ptrace_scope 1

V-257812 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257812: RHEL 9 must disable core dump backtraces. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/core_dumps

Arguments: backtrace

V-257813 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257813: RHEL 9 must disable storing core dumps. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/core_dumps

Arguments: storage

V-257814 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257814: RHEL 9 must disable core dumps for all users. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/limits_conf

Arguments: limit hard core 0

V-257816 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257816: RHEL 9 must disable the use of user namespaces. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel user.max_user_namespaces 0

V-257817 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257817: RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: kernel_args noexec=off remove

V-257818 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257818: The kdump service on RHEL 9 must be disabled. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: kdump mask

V-257818 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257818: The kdump service on RHEL 9 must be disabled. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: kdump disable

V-257819 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257819: RHEL 9 must ensure cryptographic verification of vendor software packages. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/redhat_gpg_keys

Arguments:

V-257820 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257820: RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gpgcheck

Arguments: main

V-257821 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257821: RHEL 9 must check the GPG signature of locally installed software packages before installation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gpgcheck

Arguments: local

V-257822 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257822: RHEL 9 must have GPG signature verification enabled for all software repositories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gpgcheck

Arguments:

V-257823 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257823: RHEL 9 must be configured so that the cryptographic hashes of system files match vendor values. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/hash_integrity

Arguments:

V-257824 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257824: RHEL 9 must remove all software components after updated versions have been installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/dnf_config

Arguments: clean_requirements_on_remove True

V-257825 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257825: RHEL 9 subscription-manager package must be installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: subscription-manager install

V-257826 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257826: RHEL 9 must not have a File Transfer Protocol (FTP) server package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: ftp install

V-257827 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257827: RHEL 9 must not have the sendmail package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: sendmail uninstall

V-257828 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257828: RHEL 9 must not have the nfs-utils package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: nfs-utils uninstall

V-257829 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257829: RHEL 9 must not have the ypserv package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: ypserv uninstall

V-257830 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257830: RHEL 9 must not have the rsh-server package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: rsh-server uninstall

V-257831 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257831: RHEL 9 must not have the telnet-server package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: telnetd uninstall

V-257832 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257832: RHEL 9 must not have the gssproxy package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: gssproxy uninstall

V-257833 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257833: RHEL 9 must not have the iprutils package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: iprutils uninstall

V-257834 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257834: RHEL 9 must not have the tuned package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: tuned uninstall

V-257835 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257835: RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: tftp-server uninstall

V-257836 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257836: RHEL 9 must not have the quagga package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: frr uninstall

V-257837 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257837: A graphical display manager must not be installed on RHEL 9 unless approved. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: xorg uninstall

V-257838 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257838: RHEL 9 must have the openssl-pkcs11 package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: openssl-pkcs11 install

V-257839 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257839: RHEL 9 must have the gnutls-utils package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: gnutls-utils install

V-257840 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257840: RHEL 9 must have the nss-tools package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: nss-tools install

V-257841 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257841: RHEL 9 must have the rng-tools package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: rng-tools install

V-257842 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257842: RHEL 9 must have the s-nail package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: s-nail install

V-257843 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257843: A separate RHEL 9 file system must be used for user home directories (such as /home or an equivalent). /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /home

V-257844 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257844: RHEL 9 must use a separate file system for /tmp. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /tmp

V-257845 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257845: RHEL 9 must use a separate file system for /var. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /var

V-257846 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257846: RHEL 9 must use a separate file system for /var/log. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /var/log

V-257847 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257847: RHEL 9 must use a separate file system for the system audit data path. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /var/log/audit

V-257848 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257848: RHEL 9 must use a separate file system for /var/tmp. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: configure /var/tmp

V-257849 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257849: RHEL 9 file system automount function must be disabled unless required. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: automount

V-257850 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257850: RHEL 9 must prevent device files from being interpreted on file systems that contain user home directories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /home

V-257851 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257851: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /home

V-257852 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257852: RHEL 9 must prevent code from being executed on file systems that contain user home directories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /home

V-257854 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257854: RHEL 9 must prevent special devices on file systems that are imported via Network File System (NFS). Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev nfs

V-257854 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257854: RHEL 9 must prevent special devices on file systems that are imported via Network File System (NFS). Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev nfs4

V-257855 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257855: RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec nfs

V-257855 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257855: RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec nfs4

V-257856 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257856: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid nfs

V-257856 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257856: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid nfs4

V-257857 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257857: RHEL 9 must prevent code from being executed on file systems that are used with removable media. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: removable noexec

V-257858 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257858: RHEL 9 must prevent special devices on file systems that are used with removable media. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: removable nodev

V-257859 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257859: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are used with removable media. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: removable nosuid

V-257860 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257860: RHEL 9 must mount /boot with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /boot

V-257861 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257861: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /boot

V-257862 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257862: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /boot/efi

V-257863 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257863: RHEL 9 must mount /dev/shm with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /dev/shm

V-257864 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257864: RHEL 9 must mount /dev/shm with the noexec option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /dev/shm

V-257865 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257865: RHEL 9 must mount /dev/shm with the nosuid option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /dev/shm

V-257866 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257866: RHEL 9 must mount /tmp with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /tmp

V-257867 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257867: RHEL 9 must mount /tmp with the noexec option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /tmp

V-257868 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257868: RHEL 9 must mount /tmp with the nosuid option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /tmp

V-257869 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257869: RHEL 9 must mount /var with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /var

V-257870 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257870: RHEL 9 must mount /var/log with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /var/log

V-257871 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257871: RHEL 9 must mount /var/log with the noexec option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /var/log

V-257872 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257872: RHEL 9 must mount /var/log with the nosuid option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /var/log

V-257873 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257873: RHEL 9 must mount /var/log/audit with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /var/log/audit

V-257874 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257874: RHEL 9 must mount /var/log/audit with the noexec option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /var/log/audit

V-257875 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257875: RHEL 9 must mount /var/log/audit with the nosuid option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /var/log/audit

V-257876 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257876: RHEL 9 must mount /var/tmp with the nodev option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nodev /var/tmp

V-257877 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257877: RHEL 9 must mount /var/tmp with the noexec option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option noexec /var/tmp

V-257878 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257878: RHEL 9 must mount /var/tmp with the nosuid option. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: option nosuid /var/tmp

V-257879 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257879: RHEL 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/disk_encryption

Arguments: luks_encryption

V-257880 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257880: RHEL 9 must disable mounting of cramfs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: cramfs

V-257881 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257881: RHEL 9 must prevent special devices on non-root local partitions. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: optionlocal nodev

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /bin NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/bin NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/sbin NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/libexec NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/bin NA 755 RECURSIVE_MORE

V-257882 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257882: RHEL 9 system commands must have mode 755 or less permissive. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/sbin NA 755 RECURSIVE_MORE

V-257883 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257883: RHEL 9 library directories must have mode 755 or less permissive. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib NA 755 MORE_RECURSIVE_DIRECTORIES

V-257883 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257883: RHEL 9 library directories must have mode 755 or less permissive. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 NA 755 MORE_RECURSIVE_DIRECTORIES

V-257883 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257883: RHEL 9 library directories must have mode 755 or less permissive. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib NA 755 MORE_RECURSIVE_DIRECTORIES

V-257883 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257883: RHEL 9 library directories must have mode 755 or less permissive. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 NA 755 MORE_RECURSIVE_DIRECTORIES

V-257884 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257884: RHEL 9 library files must have mode 755 or less permissive. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib NA 755 RECURSIVE_MORE

V-257884 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257884: RHEL 9 library files must have mode 755 or less permissive. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 NA 755 RECURSIVE_MORE

V-257884 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257884: RHEL 9 library files must have mode 755 or less permissive. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib NA 755 RECURSIVE_MORE

V-257884 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257884: RHEL 9 library files must have mode 755 or less permissive. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 NA 755 RECURSIVE_MORE

V-257885 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257885: RHEL 9 /var/log directory must have mode 0755 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log NA 755 MORE

V-257886 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257886: RHEL 9 /var/log/messages file must have mode 0640 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log/messages NA 640 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditctl NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/aureport NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/ausearch NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/autrace NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditd NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/rsyslogd NA 755 MORE

V-257887 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257887: RHEL 9 audit tools must have a mode of 0755 or less permissive. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/augenrules NA 755 MORE

V-257888 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257888: RHEL 9 cron configuration directories must have a mode of 0700 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: '/etc/cron.*' NA 700 MORE_WILDCARD

V-257889 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257889: All RHEL 9 local initialization files must have mode 0740 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: HOMEDIR_DOTFILES NA 740 MORE

V-257890 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257890: All RHEL 9 local interactive user home directories must have mode 0750 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: HOMEDIRS NA 750 MORE

V-257891 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257891: RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group NA 644 MORE

V-257892 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257892: RHEL 9 /etc/group- file must have mode 0644 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group- NA 644 MORE

V-257893 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257893: RHEL 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow NA 000 MORE

V-257894 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257894: RHEL 9 /etc/gshadow- file must have mode 0000 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow- NA 000 MORE

V-257895 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257895: RHEL 9 /etc/passwd file must have mode 0644 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd NA 644 MORE

V-257896 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257896: RHEL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd- NA 644 MORE

V-257897 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257897: RHEL 9 /etc/shadow- file must have mode 0000 or less permissive to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow- NA 000 MORE

V-257898 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257898: RHEL 9 /etc/group file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group root: NA NA

V-257899 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257899: RHEL 9 /etc/group file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group :root NA NA

V-257900 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257900: RHEL 9 /etc/group- file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group- root: NA NA

V-257901 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257901: RHEL 9 /etc/group- file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/group- :root NA NA

V-257902 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257902: RHEL 9 /etc/gshadow file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow root: NA NA

V-257903 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257903: RHEL 9 /etc/gshadow file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow :root NA NA

V-257904 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257904: RHEL 9 /etc/gshadow- file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow- root: NA NA

V-257905 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257905: RHEL 9 /etc/gshadow- file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/gshadow- :root NA NA

V-257906 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257906: RHEL 9 /etc/passwd file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd root: NA NA

V-257907 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257907: RHEL 9 /etc/passwd file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd :root NA NA

V-257908 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257908: RHEL 9 /etc/passwd- file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd- root: NA NA

V-257909 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257909: RHEL 9 /etc/passwd- file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/passwd- :root NA NA

V-257910 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257910: RHEL 9 /etc/shadow file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow root: NA NA

V-257911 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257911: RHEL 9 /etc/shadow file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow :root NA NA

V-257912 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257912: RHEL 9 /etc/shadow- file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow- root: NA NA

V-257913 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257913: RHEL 9 /etc/shadow- file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow- :root NA NA

V-257914 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257914: RHEL 9 /var/log directory must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log root: NA NA

V-257915 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257915: RHEL 9 /var/log directory must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log :root NA NA

V-257916 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257916: RHEL 9 /var/log/messages file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log/messages root: NA NA

V-257917 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257917: RHEL 9 /var/log/messages file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /var/log/messages :root NA NA

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /bin :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/bin :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/sbin :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/libexec :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/bin :root: NA RECURSIVE

V-257918 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257918: RHEL 9 system commands must be owned by root. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/sbin :root: NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /bin :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/bin :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/sbin :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/libexec :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/bin :root NA RECURSIVE

V-257919 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257919: RHEL 9 system commands must be group-owned by root or a system account. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/local/sbin :root NA RECURSIVE

V-257920 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257920: RHEL 9 library files must be owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib root: NA RECURSIVE

V-257920 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257920: RHEL 9 library files must be owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 root: NA RECURSIVE

V-257920 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257920: RHEL 9 library files must be owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib root: NA RECURSIVE

V-257920 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257920: RHEL 9 library files must be owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 root: NA RECURSIVE

V-257921 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257921: RHEL 9 library files must be group-owned by root or a system account. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib :root NA RECURSIVE

V-257921 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257921: RHEL 9 library files must be group-owned by root or a system account. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 :root NA RECURSIVE

V-257921 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257921: RHEL 9 library files must be group-owned by root or a system account. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib :root NA RECURSIVE

V-257921 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257921: RHEL 9 library files must be group-owned by root or a system account. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 :root NA RECURSIVE

V-257922 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257922: RHEL 9 library directories must be owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib root: NA RECURSIVE_DIRECTORIES

V-257922 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257922: RHEL 9 library directories must be owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 root: NA RECURSIVE_DIRECTORIES

V-257922 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257922: RHEL 9 library directories must be owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib root: NA RECURSIVE_DIRECTORIES

V-257922 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257922: RHEL 9 library directories must be owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 root: NA RECURSIVE_DIRECTORIES

V-257923 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257923: RHEL 9 library directories must be group-owned by root or a system account. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib :root NA RECURSIVE_DIRECTORIES

V-257923 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257923: RHEL 9 library directories must be group-owned by root or a system account. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /lib64 :root NA RECURSIVE_DIRECTORIES

V-257923 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257923: RHEL 9 library directories must be group-owned by root or a system account. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib :root NA RECURSIVE_DIRECTORIES

V-257923 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257923: RHEL 9 library directories must be group-owned by root or a system account. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /usr/lib64 :root NA RECURSIVE_DIRECTORIES

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditctl root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/aureport root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/ausearch root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/autrace root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditd root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/rsyslogd root: NA NA

V-257924 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257924: RHEL 9 audit tools must be owned by root. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/augenrules root: NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditctl :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/aureport :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/ausearch :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/autrace :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/auditd :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/rsyslogd :root NA NA

V-257925 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257925: RHEL 9 audit tools must be group-owned by root. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /sbin/augenrules :root NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.d root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.daily root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.deny root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.hourly root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.monthly root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/crontab root: NA NA

V-257926 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257926: RHEL 9 cron configuration files directory must be owned by root. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.weekly root: NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.d :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.daily :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.deny :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 4. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.hourly :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 5. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.monthly :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 6. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/crontab :root NA NA

V-257927 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257927: RHEL 9 cron configuration files directory must be group-owned by root. Part 7. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/cron.weekly :root NA NA

V-257929 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257929: A sticky bit must be set on all RHEL 9 public directories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filesystem_config

Arguments: stickybit

V-257930 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257930: All RHEL 9 local files and directories must have a valid group owner. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/userfiles

Arguments: ungrouped true

V-257931 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257931: All RHEL 9 local files and directories must have a valid owner. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/userfiles

Arguments: unowned true

V-257932 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257932: RHEL 9 must be configured so that all system device files are correctly labeled to prevent unauthorized modification. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/selinux_config

Arguments: device_labels

V-257933 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257933: RHEL 9 /etc/crontab file must have mode 0600. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/crontab NA 600 NA

V-257934 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257934: RHEL 9 /etc/shadow file must have mode 0000 to prevent unauthorized access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/shadow NA 0000 NA

V-257935 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257935: RHEL 9 must have the firewalld package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: firewalld install

V-257936 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257936: The firewalld service on RHEL 9 must be active. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: firewalld active

V-257939 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257939: RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/firewalld_conf

Arguments: FirewallBackend nftables

V-257941 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257941: RHEL 9 network interfaces must not be in promiscuous mode. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network_interfaces

Arguments: promiscuous_mode

V-257942 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257942: RHEL 9 must enable hardening for the Berkeley Packet Filter just-in-time compiler. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_tuning_options

Arguments: kernel net.core.bpf_jit_harden 2

V-257943 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257943: RHEL 9 must have the chrony package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: chrony install

V-257944 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257944: RHEL 9 chronyd service must be enabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: chrony active

V-257945 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257945: RHEL 9 must securely compare internal information system clocks at least every 24 hours. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/chrony_configure

Arguments: maxpoll 16

V-257946 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257946: RHEL 9 must disable the chrony daemon from acting as a server. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/chrony_configure

Arguments: option port 0

V-257947 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257947: RHEL 9 must disable network management of the chrony daemon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/chrony_configure

Arguments: option cmdport 0

V-257948 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257948: RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/resolv_conf

Arguments: two_dns

V-257950 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257950: RHEL 9 must not have unauthorized IP tunnels configured. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ipsec

Arguments: ipsec

V-257951 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257951: RHEL 9 must be configured to prevent unrestricted mail relaying. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/postfix

Arguments: mail_relay

V-257953 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257953: RHEL 9 must forward mail from postmaster to the root account using a postfix alias. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/postfix

Arguments: alias postmaster root

V-257954 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257954: RHEL 9 libreswan package must be installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: libreswan install

V-257955 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257955: There must be no shosts.equiv files on RHEL 9. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/remote_access_rules

Arguments: shostsequiv true

V-257956 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257956: There must be no .shosts files on RHEL 9. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/legacy_user_trust_files

Arguments: shosts remove

V-257957 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257957: RHEL 9 must be configured to use TCP syncookies. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: tcp_syncookies true

V-257958 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257958: RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: accept_redirects false

V-257959 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257959: RHEL 9 must not forward Internet Protocol version 4 (IPv4) source-routed packets. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: accept_source_route false

V-257960 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257960: RHEL 9 must log IPv4 packets with impossible addresses. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: log_martians true

V-257962 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257962: RHEL 9 must use reverse path filtering on all IPv4 interfaces. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: rp_filter true

V-257966 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257966: RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: icmp_echo_ignore_broadcasts true

V-257967 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257967: RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: icmp_ignore_bogus_error_responses true

V-257968 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257968: RHEL 9 must not send Internet Control Message Protocol (ICMP) redirects. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: send_redirects false

V-257970 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257970: RHEL 9 must not enable IPv4 packet forwarding unless the system is a router. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: ipforwarding false

V-257971 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257971: RHEL 9 must not accept router advertisements on all IPv6 interfaces. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-tuning-options-rules

Arguments: accept_ra false

V-257978 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257978: All RHEL 9 networked systems must have SSH installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: sshd install

V-257980 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257980: RHEL 9 must have the openssh-clients package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: ssh install

V-257981 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257981: RHEL 9 must have a banner configured for SSH. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: Banner /etc/issue.net /etc/ssh/sshd_config DOD

V-257982 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257982: RHEL 9 must log SSH connection attempts and failures to the server. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: MULTIPLE LogLevel VERBOSE INFO /etc/ssh/sshd_config

V-257983 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257983: RHEL 9 SSHD must accept public key authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: PubkeyAuthentication yes /etc/ssh/sshd_config

V-257984 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257984: RHEL 9 SSHD must not allow blank passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: PermitEmptyPasswords no /etc/ssh/sshd_config

V-257985 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257985: RHEL 9 must not permit direct logons to the root account using remote access via SSH. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: PermitRootLogin no /etc/ssh/sshd_config

V-257986 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257986: RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: UsePAM yes /etc/ssh/sshd_config

V-257987 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257987: RHEL 9 SSH daemon must be configured to use system-wide crypto policies. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_misc_rules

Arguments: ssh_security_policy

V-257988 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257988: RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH connections. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_misc_rules

Arguments: ssh_security_policy

V-257989 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257989: The RHEL 9 SSH server must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/system_crypto

Arguments: fips_crypto_policy

V-257991 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257991: The RHEL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/system_crypto

Arguments: macs_crypto_policy

V-257992 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257992: RHEL 9 must not allow a noncertificate trusted host SSH logon to the system. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: HostbasedAuthentication no /etc/ssh/sshd_config

V-257993 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257993: RHEL 9 must not allow users to override SSH environment variables. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: PermitUserEnvironment no /etc/ssh/sshd_config

V-257994 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257994: RHEL 9 must force a frequent session key renegotiation for SSH connections to the server. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: RekeyLimit "1G 1h" /etc/ssh/sshd_config

V-257995 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257995: RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: ClientAliveCountMax 1 /etc/ssh/sshd_config

V-257996 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257996: RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: LE ClientAliveInterval 600 600 /etc/ssh/sshd_config

V-257997 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257997: RHEL 9 SSH server configuration file must be group-owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/ssh/sshd_config :root NA NA

V-257998 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257998: RHEL 9 SSH server configuration file must be owned by root. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/ssh/sshd_config root: NA NA

V-257999 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-257999: RHEL 9 SSH server configuration file must have mode 0600 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/ssh/sshd_config NA 600 MORE

V-258000 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258000: RHEL 9 SSH private host key files must have mode 0640 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: '/etc/ssh/ssh_host*key' NA 640 WILDCARD_MORE

V-258001 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258001: RHEL 9 SSH public host key files must have mode 0644 or less permissive. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: '/etc/ssh/*key.pub' NA 644 WILDCARD_MORE

V-258002 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258002: RHEL 9 SSH daemon must not allow compression or must only allow compression after successful authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: MULTIPLE Compression no delayed /etc/ssh/sshd_config

V-258003 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258003: RHEL 9 SSH daemon must not allow GSSAPI authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: GSSAPIAuthentication no /etc/ssh/sshd_config

V-258004 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258004: RHEL 9 SSH daemon must not allow Kerberos authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: KerberosAuthentication no /etc/ssh/sshd_config

V-258005 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258005: RHEL 9 SSH daemon must not allow rhosts authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: IgnoreRhosts yes /etc/ssh/sshd_config

V-258006 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258006: RHEL 9 SSH daemon must not allow known hosts authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: IgnoreUserKnownHosts yes /etc/ssh/sshd_config

V-258007 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258007: RHEL 9 SSH daemon must disable remote X connections for interactive users. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: X11Forwarding no /etc/ssh/sshd_config

V-258008 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258008: RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: StrictModes yes /etc/ssh/sshd_config

V-258009 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258009: RHEL 9 SSH daemon must display the date and time of the last successful account logon upon an SSH logon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: PrintLastLog yes /etc/ssh/sshd_config

V-258011 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258011: RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ssh_config_rules

Arguments: X11UseLocalHost yes /etc/ssh/sshd_config

V-258012 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258012: RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gdm_banner

Arguments: DOD on

V-258013 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258013: RHEL 9 must prevent a user from overriding the banner-message-enable setting for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gdm_banner

Arguments: locked

V-258014 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258014: RHEL 9 must disable the graphical user interface automount function unless required. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_automount

Arguments:

V-258015 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258015: RHEL 9 must prevent a user from overriding the disabling of the graphical user interface automount function. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/desktop/media-handling/automount-open /etc/dconf/db/local.d/locks/00-security-settings-lock

V-258016 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258016: RHEL 9 must disable the graphical user interface autorun function unless required. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting string "[org/gnome/desktop/media-handling]autorun-never='true'" /etc/dconf/db/local.d/00-security-settings

V-258017 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258017: RHEL 9 must prevent a user from overriding the disabling of the graphical user interface autorun function. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: lockkey_value add /org/gnome/desktop/media-handling/autorun-never /etc/dconf/db/local.d/locks/00-security-settings-lock

V-258018 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258018: RHEL 9 must not allow unattended or automatic logon via the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting string "[daemon]AutomaticLoginEnable='false'" /etc/gdm/custom.conf

V-258019 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258019: RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting string "[org/gnome/settings-daemon/peripherals/smartcard]removal-action='lock-screen'" /etc/dconf/db/local.d/00-security-settings

V-258020 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258020: RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/settings-daemon/peripherals/smartcard/removal-action /etc/dconf/db/local.d/locks/00-security-settings-lock

V-258021 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258021: RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting string "[org/gnome/desktop/screensaver]lock-enabled=true" /etc/dconf/db/local.d/00-screensaver

V-258022 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258022: RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/desktop/screensaver/lock-enabled /etc/dconf/db/local.d/locks/session

V-258023 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258023: RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting le "[org/gnome/desktop/session]idle-delay=uint32 900" /etc/dconf/db/local.d/00-screensaver

V-258024 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258024: RHEL 9 must prevent a user from overriding the session idle-delay setting for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/desktop/session/idle-delay /etc/dconf/db/local.d/locks/session

V-258025 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258025: RHEL 9 must initiate a session lock for graphical user interfaces when the screensaver is activated. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting le "[org/gnome/desktop/screensaver]lock-delay=uint32 5" /etc/dconf/db/local.d/00-screensaver

V-258026 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258026: RHEL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/desktop/screensaver/lock-delay /etc/dconf/db/local.d/locks/session

V-258028 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258028: RHEL 9 effective dconf policy must match the policy keyfiles. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: database_is_current

V-258029 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258029: RHEL 9 must disable the ability of a user to restart the system from the login screen. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: gsettings org.gnome.login-screen disable-restart-buttons true

V-258030 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258030: RHEL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/login-screen/disable-restart-buttons /etc/dconf/db/local.d/locks/session

V-258031 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258031: RHEL 9 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: gsettings org.gnome.settings-daemon.plugins.media-keys logout "['']"

V-258032 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258032: RHEL 9 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical user interface. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: key_value add /org/gnome/settings-daemon/plugins/media-keys/logout /etc/dconf/db/local.d/locks/session

V-258033 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258033: RHEL 9 must disable the user list at logon for graphical user interfaces. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/gnome_config

Arguments: ini_setting string "[org/gnome/login-screen]disable-user-list='true'" /etc/dconf/db/local.d/02-login-screen

V-258034 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258034: RHEL 9 must be configured to disable USB mass storage. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: usb-storage

V-258035 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258035: RHEL 9 must have the USBGuard package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: usbguard install

V-258036 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258036: RHEL 9 must have the USBGuard package enabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: usbguard active

V-258037 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258037: RHEL 9 must enable Linux audit logging for the USBGuard daemon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/usbguard

Arguments: audit

V-258038 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258038: RHEL 9 must block unauthorized peripherals before establishing a connection. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/usbguard

Arguments: unauthorized_peripherals

V-258039 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258039: RHEL 9 Bluetooth must be disabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kernel_modules

Arguments: bluetooth

V-258040 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258040: RHEL 9 wireless network adapters must be disabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/network-wireless-rules

Arguments:

V-258041 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258041: RHEL 9 user account passwords for new users or password changes must have a 60-day maximum password lifetime restriction in /etc/login.defs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_defs

Arguments: PASS_MAX_DAYS LE 60

V-258042 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258042: RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/shadow

Arguments: maxdays 60

V-258043 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258043: All RHEL 9 local interactive user accounts must be assigned a home directory upon creation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_defs

Arguments: CREATE_HOME ANY yes

V-258044 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258044: RHEL 9 must set the umask value to 077 for all local interactive user accounts. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/misc_rules

Arguments: misc_umask 077

V-258045 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258045: RHEL 9 duplicate User IDs (UIDs) must not exist for interactive users. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/passwdgrp_rules

Arguments: dupuid true

V-258046 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258046: RHEL 9 system accounts must not have an interactive login shell. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/defaccounts

Arguments: systemacct true

V-258048 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258048: All RHEL 9 interactive users must have a primary group that exists. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/passwdgrp_rules

Arguments: grppasswd true

V-258050 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258050: Executable search paths within the initialization files of all local interactive RHEL 9 users must only contain paths that resolve to the system default or the users home directory. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/user_paths

Arguments: pathcheck

V-258051 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258051: All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/homeconfig

Arguments: homedirexist true 100

V-258052 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258052: All RHEL 9 local interactive user home directories defined in the /etc/passwd file must exist. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/homeconfig

Arguments: homedirexist true 100

V-258053 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258053: All RHEL 9 local interactive user home directories must be group-owned by the home directory owner's primary group. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/homeconfig

Arguments: homedir_group_is_user_group

V-258054 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258054: RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: deny 3

V-258055 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258055: RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: even_deny_root /etc/security/faillock.conf

V-258056 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258056: RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: fail_interval 900

V-258057 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258057: RHEL 9 must maintain an account lock until the locked account is released by an administrator. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: unlock_time 0

V-258059 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258059: The root account must be the only account having unrestricted access to RHEL 9 system. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rootpath

Arguments: rootgid true

V-258060 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258060: RHEL 9 must ensure account lockouts persist. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: dir /var/log/faillock

V-258061 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258061: RHEL 9 groups must have unique Group ID (GID). /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/passwdgrp_rules

Arguments: dupgid true

V-258062 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258062: Local RHEL 9 initialization files must not execute world-writable programs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/user_paths

Arguments: startup_exec

V-258068 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258068: RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes of inactivity. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/defaccounts

Arguments: shelltmout 900

V-258069 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258069: RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/limits_conf

Arguments: limit hard maxlogins 10

V-258070 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258070: RHEL 9 must log username information when unsuccessful logon attempts occur. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: faillock

V-258070 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258070: RHEL 9 must log username information when unsuccessful logon attempts occur. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: audit /etc/security/faillock.conf

V-258071 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258071: RHEL 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_defs

Arguments: FAIL_DELAY GE 4

V-258072 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258072: RHEL 9 must define default permissions for the bash shell. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/misc_rules

Arguments: misc_root_umask /etc/bashrc 0077

V-258073 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258073: RHEL 9 must define default permissions for the c shell. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/misc_rules

Arguments: misc_root_umask /etc/csh.cshrc 0077

V-258074 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258074: RHEL 9 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_defs

Arguments: UMASK GE 077

V-258075 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258075: RHEL 9 must define default permissions for the system default profile. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/misc_rules

Arguments: misc_root_umask /etc/profile 0077

V-258076 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258076: RHEL 9 must display the date and time of the last successful account logon upon logon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_postlogin

Arguments: lastlogin

V-258077 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258077: RHEL 9 must terminate idle user sessions. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/generic_ini_config

Arguments: add /etc/systemd/logind.conf Login StopIdleSessionSec 900

V-258078 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258078: RHEL 9 must use a Linux Security Module configured to enforce limits on system services. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/selinux_config

Arguments: state

V-258079 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258079: RHEL 9 must enable the SELinux targeted policy. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/selinux_config

Arguments: targeted

V-258080 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258080: RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: dir /var/log/faillock

V-258080 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258080: RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: faillock

V-258080 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258080: RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/selinux_config

Arguments: faillock

V-258081 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258081: RHEL 9 must have policycoreutils package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: policycoreutils install

V-258082 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258082: RHEL 9 policycoreutils-python-utils package must be installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: policycorepython install

V-258083 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258083: RHEL 9 must have the sudo package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: sudo install

V-258086 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258086: RHEL 9 must require users to reauthenticate for privilege escalation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sudo_reauthenticate_on

V-258087 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258087: RHEL 9 must restrict privilege elevation to authorized personnel. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sap_hana_restrict_sudo

V-258089 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258089: RHEL 9 fapolicy module must be installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: fapolicy install

V-258090 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258090: RHEL 9 fapolicy module must be enabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: fapolicy enable

V-258091 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258091: RHEL 9 must ensure the password complexity module in the system-auth file is configured for three retries or less. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: retry 3

V-258094 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258094: RHEL 9 must not allow blank or null passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: noname 'pam_unix[^#]*nullok' '/etc/pam.d/{password,system}-auth'

V-258095 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258095: RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: faillock

V-258096 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258096: RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: faillock

V-258097 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258097: RHEL 9 must ensure the password complexity module is enabled in the password-auth file. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: name 'pam_pwpwquality.so' '/etc/pam.d/password-auth'

V-258098 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258098: RHEL 9 must ensure the password complexity module is enabled in the system-auth file. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: name 'pam_pwpwquality.so' '/etc/pam.d/system-auth'

V-258099 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258099: RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: rounds 100000 /etc/pam.d/password-auth

V-258100 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258100: RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: rounds 100000 /etc/pam.d/system-auth

V-258101 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258101: RHEL 9 must enforce password complexity rules for the root account. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: enforce_for_root /etc/security/pwquality.conf

V-258102 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258102: RHEL 9 must enforce password complexity by requiring that at least one lowercase character be used. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: lcredit -1

V-258103 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258103: RHEL 9 must enforce password complexity by requiring that at least one numeric character be used. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: dcredit -1

V-258104 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258104: RHEL 9 passwords for new users or password changes must have a 24 hours minimum password lifetime restriction in /etc/login.defs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/password_rules

Arguments: minage 1

V-258105 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258105: RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/shadow

Arguments: mindays 1

V-258106 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258106: RHEL 9 must require users to provide a password for privilege escalation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sudo_nopasswd

Arguments:

V-258107 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258107: RHEL 9 passwords must be created with a minimum of 15 characters. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: minlen 15

V-258109 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258109: RHEL 9 must enforce password complexity by requiring that at least one special character be used. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: ocredit -1

V-258110 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258110: RHEL 9 must prevent the use of dictionary words for passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: dictcheck 1

V-258111 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258111: RHEL 9 must enforce password complexity by requiring that at least one uppercase character be used. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: ucredit -1

V-258112 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258112: RHEL 9 must require the change of at least eight characters when passwords are changed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: difok 8

V-258113 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258113: RHEL 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: maxclassrepeat 4

V-258114 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258114: RHEL 9 must require the maximum number of repeating characters be limited to three when passwords are changed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: maxrepeat 3

V-258115 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258115: RHEL 9 must require the change of at least four character classes when passwords are changed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: minclass 4

V-258116 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258116: RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/generic_ini_config

Arguments: add /etc/libuser.conf defaults crypt_style sha512

V-258117 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258117: RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_defs

Arguments: ENCRYPT_METHOD ANY SHA512

V-258118 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258118: RHEL 9 must not be configured to bypass password requirements for privilege escalation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/login_rules

Arguments: nobypass

V-258120 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258120: RHEL 9 must not have accounts configured with blank or null passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/validation_rules

Arguments: validate-password true

V-258121 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258121: RHEL 9 must use the common access card (CAC) smart card driver. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pcsc_config

Arguments: set app:default:card_driver cac

V-258122 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258122: RHEL 9 must enable certificate based smart card authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: add pam pam_cert_auth True any

V-258123 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258123: RHEL 9 must implement certificate status checking for multifactor authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: add sssd certificate_verification ocsp_dgst=sha512 any

V-258124 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258124: RHEL 9 must have the pcsc-lite package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: pcsc-lite install

V-258125 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258125: The pcscd service on RHEL 9 must be active. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: pcsc-lite active

V-258126 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258126: RHEL 9 must have the opensc package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: opensc install

V-258128 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258128: RHEL 9 must require authentication to access emergency mode. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rescue_mode

Arguments: emergency

V-258129 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258129: RHEL 9 must require authentication to access single-user mode. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rescue_mode

Arguments: rescue

V-258130 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258130: RHEL 9 must prevent system daemons from using Kerberos for authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/kerberos_config

V-258132 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258132: RHEL 9 must map the authenticated identity to the user or group account for PKI-based authentication. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: add certmap/testing.test/rule_name matchrule ".*EDIPI@mil" any

V-258132 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258132: RHEL 9 must map the authenticated identity to the user or group account for PKI-based authentication. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: add certmap/testing.test/rule_name maprule "(userCertificate;binary={cert!bin})" any

V-258132 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258132: RHEL 9 must map the authenticated identity to the user or group account for PKI-based authentication. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: add certmap/testing.test/rule_name domains "testing.test" any

V-258133 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258133: RHEL 9 must prohibit the use of cached authenticators after one day. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sssd_config

Arguments: conditional pam offline_credentials_expiration 1 any

V-258134 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258134: RHEL 9 must have the AIDE package installed. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: aide install

V-258135 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258135: RHEL 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filemon_rules

Arguments: file_monitor true dod root@localhost

V-258134 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258134: RHEL 9 must have the AIDE package installed. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/aide_db_rules

V-258136 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258136: RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filemon_rules

Arguments: attribute sha512

V-258137 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258137: RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filemon_rules

Arguments: aide_crypto

V-258138 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258138: RHEL 9 must be configured so that the file integrity tool verifies Access Control Lists (ACLs). /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filemon_rules

Arguments: attribute acl

V-258139 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258139: RHEL 9 must be configured so that the file integrity tool verifies extended attributes. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/filemon_rules

Arguments: attribute xattrs

V-258140 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258140: RHEL 9 must have the rsyslog package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: rsyslog install

V-258141 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258141: RHEL 9 must have the packages required for encrypting offloaded audit logs installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: rsyslog-gnutls install

V-258142 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258142: The rsyslog service on RHEL 9 must be active. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: rsyslog active

V-258143 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258143: RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: NoRemoteClients

V-258144 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258144: All RHEL 9 remote access methods must be monitored. Part 1. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: FacilityLogging auth

V-258144 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258144: All RHEL 9 remote access methods must be monitored. Part 2. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: FacilityLogging authpriv

V-258144 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258144: All RHEL 9 remote access methods must be monitored. Part 3. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: FacilityLogging daemon

V-258146 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258146: RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: ConfigParam ActionSendStreamDriverAuthMode StreamDriver.AuthMode x509/name

V-258147 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258147: RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: ConfigParam ActionSendStreamDriverMode StreamDriver.Mode 1

V-258148 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258148: RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: DefaultNetstreamDriver

V-258149 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258149: RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/sap_hana_syslog_forwarding

Arguments:

V-258150 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258150: RHEL 9 must use cron logging. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/rsyslog_config_rules

Arguments: CronLogging

V-258151 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258151: RHEL 9 audit package must be installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: audit_server install

V-258152 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258152: RHEL 9 audit service must be enabled. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/systemd_services

Arguments: audit_server enable

V-258153 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258153: RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: disk_error_action syslog:single:halt

V-258154 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258154: RHEL 9 audit system must take appropriate action when the audit storage volume is full. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: disk_full_action syslog:single:halt

V-258155 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258155: RHEL 9 must allocate audit record storage capacity to store at least one week's worth of audit records. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_log_space 10

V-258156 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258156: RHEL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: space_left 25%

V-258157 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258157: RHEL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent utilization. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: space_left_action email

V-258158 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258158: RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: admin_space_left 5%

V-258159 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258159: RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: admin_space_left_action single

V-258160 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258160: RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: max_log_file_action rotate:single

V-258161 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258161: RHEL 9 must label all offloaded audit logs before sending them to the central log server. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: name_format hostname:fqd:numeric

V-258162 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258162: RHEL 9 must take appropriate action when the internal event queue is full. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: overflow_action syslog:single:halt

V-258163 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258163: RHEL 9 System Administrator (SA) and/or information system security officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: action_mail_acct root

V-258164 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258164: RHEL 9 audit system must audit local events. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: local_events yes

V-258165 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258165: RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: log_group root

V-258166 RHEL9 DoDv7 policy recommendations Implements Linux DoDv7 V-258166: RHEL 9 audit log directory must be owned by root to prevent unauthorized read access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_permissions

Arguments: logfiles "N/A" :root

V-258166 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258166: RHEL 9 audit log directory must be owned by root to prevent unauthorized read access. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_permissions

Arguments: logdir "N/A" root:

V-258167 RHEL9 DoDv7 policy recommendations Implements Linux DoDv7 V-258167: RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_permissions

Arguments: logfiles 0600 "N/A" LESS

V-258168 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258168: RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: freq 100

V-258169 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258169: RHEL 9 must produce audit records containing information to establish the identity of any individual or process associated with the event. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: log_format enriched

V-258170 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258170: RHEL 9 must write audit records to disk. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_config

Arguments: write_logs yes

V-258171 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258171: RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/audit/auditd.conf NA 640 MORE

V-258171 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258171: RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/audit/audit.rules NA 640 MORE

V-258171 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258171: RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: /etc/audit/rules.d/audit.rules NA 640 MORE

V-258171 RHEL9 Security Recommendation Rules Implements Linux DoDv7 V-258171: RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/file_owner_permissions

Arguments: '/etc/audit/rules.d/*.rules' NA 640 WILDCARD_MORE

V-258173 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258173: RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/grub_rules

Arguments: audit_backlog_limit GE 8192

V-258174 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258174: RHEL 9 must have mail aliases to notify the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of an audit processing failure. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/postfix

Arguments: alias root ISSO,SA

V-258180 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258180: RHEL 9 must audit all uses of umount system calls. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule umount.usage

V-258181 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258181: RHEL 9 must audit all uses of the chacl command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule chacl.usage

V-258182 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258182: RHEL 9 must audit all uses of the setfacl command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule setfacl.usage

V-258183 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258183: RHEL 9 must audit all uses of the chcon command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule chcon.usage

V-258184 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258184: RHEL 9 must audit all uses of the semanage command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule semanage.usage

V-258185 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258185: RHEL 9 must audit all uses of the setfiles command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule setfiles.usage

V-258186 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258186: RHEL 9 must audit all uses of the setsebool command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule setsebool.usage

V-258189 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258189: RHEL 9 must audit all uses of the delete_module system call. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule delete_module.usage

V-258190 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258190: RHEL 9 must audit all uses of the init_module and finit_module system calls. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule init_finit_module.usage

V-258191 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258191: RHEL 9 must audit all uses of the chage command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule chage.usage

V-258192 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258192: RHEL 9 must audit all uses of the chsh command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule chsh.usage

V-258193 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258193: RHEL 9 must audit all uses of the crontab command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule crontab.usage

V-258194 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258194: RHEL 9 must audit all uses of the gpasswd command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule gpasswd.usage

V-258195 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258195: RHEL 9 must audit all uses of the kmod command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule kmod.usage

V-258196 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258196: RHEL 9 must audit all uses of the newgrp command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule newgrp.usage

V-258197 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258197: RHEL 9 must audit all uses of the pam_timestamp_check command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule pam_timestamp_check.usage

V-258198 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258198: RHEL 9 must audit all uses of the passwd command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule passwd.usage

V-258199 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258199: RHEL 9 must audit all uses of the postdrop command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule postdrop.usage

V-258200 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258200: RHEL 9 must audit all uses of the postqueue command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule postqueue.usage

V-258201 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258201: RHEL 9 must audit all uses of the ssh-agent command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule ssh-agent.usage

V-258202 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258202: RHEL 9 must audit all uses of the ssh-keysign command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule ssh-keysign.usage

V-258203 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258203: RHEL 9 must audit all uses of the su command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule su.usage

V-258204 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258204: RHEL 9 must audit all uses of the sudo command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule sudo.usage

V-258205 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258205: RHEL 9 must audit all uses of the sudoedit command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule sudoedit.usage

V-258206 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258206: RHEL 9 must audit all uses of the unix_chkpwd command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule unix_chkpwd.usage

V-258207 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258207: RHEL 9 must audit all uses of the unix_update command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule unix_update.usage

V-258208 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258208: RHEL 9 must audit all uses of the userhelper command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule userhelper.usage

V-258209 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258209: RHEL 9 must audit all uses of the usermod command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule usermod.usage

V-258210 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258210: RHEL 9 must audit all uses of the mount command. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule mount.usage

V-258211 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258211: Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule init.usage

V-258212 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258212: Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule poweroff.usage

V-258213 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258213: Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule reboot.usage

V-258214 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258214: Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule shutdown.usage

V-258215 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258215: Successful/unsuccessful uses of the umount system call in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule umount.syscall.usage

V-258216 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258216: Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit record. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_rule umount2.usage

V-258227 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258227: RHEL 9 must take appropriate action when a critical audit processing failure occurs. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit.failure panic

V-258228 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258228: RHEL 9 audit system must protect logon UIDs from unauthorized change. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_loginuids enable

V-258229 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258229: RHEL 9 audit system must protect auditing rules from unauthorized change. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/audit_rules

Arguments: audit_immutable 2

V-258230 RHEL9 DoDv7 Security Recommendations Rules Implements Linux DoDv7 V-258230: RHEL 9 must enable FIPS mode. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/fips

Arguments: fipsmode

V-258231 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258231: RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/shadow

Arguments: fips_hash

V-258232 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258232: RHEL 9 IP tunnels must use FIPS 140-3 approved cryptographic algorithms. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/ipsec

Arguments: ipsec_crypto_policy

V-258233 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258233: RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/pam_configuration

Arguments: fips_password_crypto

V-258234 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258234: RHEL 9 must have the crypto-policies package installed. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/package_install

Arguments: crypto-policies install

V-258236 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258236: RHEL 9 cryptographic policy must not be overridden. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/system_crypto

Arguments: crypto_policy_no_overrides

V-258241 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258241: RHEL 9 must implement a FIPS 140-3 compliant systemwide cryptographic policy. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/fips

Arguments: fips_crypto_policy

V-258242 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-258242: RHEL 9 must implement DOD-approved encryption in the bind package. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/named_conf

Arguments: crypto-policy

V-270177 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-270177: The RHEL 9 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/system_crypto

Arguments: fips_client_crypto_policy

V-270178 RHEL9 DoDv7 Security Recommendation Rules Implements Linux DoDv7 V-270178: The RHEL 9 SSH client must be configured to use only DOD-approved Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. /etc/security/pscxpert/bin/adapter /etc/security/pscxpert/bin/system_crypto

Arguments: fips_client_macs_policy