The system must use a separate file system for /var/log.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38463 | RHEL-06-000003 | SV-50263r1_rule | Low |
| Description |
|---|
| Placing "/var/log" in its own partition enables better separation between log files and other files in "/var/". |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2015-05-26 |
Details
| Check Text ( C-46018r1_chk ) |
|---|
| Run the following command to determine if "/var/log" is on its own partition or logical volume: $ mount | grep "on /var/log " If "/var/log" has its own partition or volume group, a line will be returned. If no line is returned, this is a finding. |
| Fix Text (F-43408r1_fix) |
|---|
| System logs are stored in the "/var/log" directory. Ensure that it has its own partition or logical volume at installation time, or migrate it using LVM. |