In the event of a system failure, AIX must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| --- | --- | --- | --- | --- |
| V-215407 | AIX7-00-003109 | SV-215407r991562_rule | CCI-001665 | medium |

Description

Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes.

| STIG | Date |
| --- | --- |
| IBM AIX 7.x Security Technical Implementation Guide | 2024-08-16 |
Details
Check Text (C-215407r991562_chk)
To display the current dump device settings enter the following command:
    # sysdumpdev -l
    primary              /dev/lg_dumplv
    secondary            /dev/sysdumpnull
    copy directory       /var/adm/ras
    forced copy flag     TRUE
    always allow dump    FALSE
    dump compression     ON
    type of dump         fw-assisted
    full memory dump     disallow
If the primary device and copy directory are not configured, this is a finding.
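The check above can be scripted by parsing the "sysdumpdev -l" listing. The following is an added example, not part of the STIG; the function names and sample variables are hypothetical, and it assumes that an empty value or /dev/sysdumpnull for the primary device, or an empty copy directory, means "not configured".

```shell
#!/bin/sh
# Added example: evaluate `sysdumpdev -l` output (stdin) against the check text.
# Assumption: an empty value or /dev/sysdumpnull for the primary device, or an
# empty copy directory, is treated as "not configured".

# Print the value that follows a label such as "copy directory".
dump_field() {   # $1 = label, $2 = full sysdumpdev -l output
    printf '%s\n' "$2" | awk -v label="$1" '
        index($0, label) == 1 {
            v = substr($0, length(label) + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            print v
            exit
        }'
}

# Return 0 when both settings are present, 1 (with reasons) when it is a finding.
check_dump_config() {
    out=$(cat)
    primary=$(dump_field "primary" "$out")
    copydir=$(dump_field "copy directory" "$out")
    rc=0
    case "$primary" in
        ""|/dev/sysdumpnull)
            echo "FINDING: primary dump device not configured (${primary:-none})"
            rc=1 ;;
    esac
    if [ -z "$copydir" ]; then
        echo "FINDING: copy directory not configured"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: primary=$primary copy directory=$copydir"
    fi
    return "$rc"
}

# Constructed samples: the first uses the values shown on this page, the
# second is a made-up non-compliant listing.
SAMPLE_OK='primary              /dev/lg_dumplv
secondary            /dev/sysdumpnull
copy directory       /var/adm/ras
forced copy flag     TRUE'
SAMPLE_BAD='primary              /dev/sysdumpnull
secondary            /dev/sysdumpnull
copy directory
forced copy flag     TRUE'

# On AIX: sysdumpdev -l | check_dump_config
printf '%s\n' "$SAMPLE_OK"  | check_dump_config || true
printf '%s\n' "$SAMPLE_BAD" | check_dump_config || true
```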
Fix Text (F-16603r294673_fix)
The "sysdumpdev" command should be used to configure the dump device.

    # sysdumpdev -p "Primary dump device"
    # sysdumpdev -d <directory>

Note: "-d <directory>" specifies the directory the dump is copied to at boot time.