-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathSV-257783.rb
36 lines (30 loc) · 1.22 KB
/
SV-257783.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
control 'SV-257783' do
title 'RHEL 9 systemd-journald service must be enabled.'
desc 'In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes.'
desc 'check', 'Verify that "systemd-journald" is active with the following command:
$ systemctl is-active systemd-journald
active
If the systemd-journald service is not active, this is a finding.'
desc 'fix', 'To enable the systemd-journald service, run the following command:
$ sudo systemctl enable --now systemd-journald'
impact 0.5
ref 'DPMS Target Red Hat Enterprise Linux 9'
tag check_id: 'C-61524r925334_chk'
tag severity: 'medium'
tag gid: 'V-257783'
tag rid: 'SV-257783r991562_rule'
tag stig_id: 'RHEL-09-211040'
tag gtitle: 'SRG-OS-000269-GPOS-00103'
tag fix_id: 'F-61448r925335_fix'
tag 'documentable'
tag cci: ['CCI-001665']
tag nist: ['SC-24']
tag 'host'
only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do
!virtualization.system.eql?('docker')
end
describe service('systemd-journald') do
it { should be_enabled }
it { should be_running }
end
end