Hardening Procedure

Application Notes : FOXMAN-UN R18 RHEL9 Hardened Installation : Hardening Procedure

Hardening Procedure

Step 2* - Deviation from the standard OS installation

For the step 2*: installation of the RHEL 9.6, a deviation from the standard procedure (see reference [2]) is required.

The CIS hardening requests a dedicated file system setup as defined in the FOXMAN-UN Release Note R18 [1], tables “Recommended Partitioning Setup” and “Recommended LVM Physical Volume” in chapter “Partition Setup”.

Recommended values are dependent on the actual deployment.

Changes that need to be done:

• /home must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.

• /tmp must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.

• /var must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.

• /var/tmp must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.

• /var/log must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.

• /var/log/audit must be on a separate partition or logical volume and has to be created in the partitioning layout before installation can occur with a security profile.