redhatgov / ssg-el6-kickstart Goto Github PK
View Code? Open in Web Editor NEWDVD embedded Kickstart for RHEL 6 utilizing SCAP Security Guide (SSG) as a hardening script.
License: Other
DVD embedded Kickstart for RHEL 6 utilizing SCAP Security Guide (SSG) as a hardening script.
License: Other
Hello,
I have been using the ssg-el6-kickstart for a hardened baseline build for a few years now with great results. I noticed one small issue with the latest release that is easily fixed:
When operating in runlevel 5 I was unable to log back in to the machine once it reached the lock screen. After unsuccessfully trying a few fixes I noticed a sequence in /var/log/secure that pointed the culprit out.
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) illegal module type: %PAM-1.0
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) no control flag supplied
Aug 15 16:35:32 XXX gnome-screensaver-dialog: PAM (gnome-screensaver) no module name supplied
The first line of /etc/pam.d/gnome-screensaver should be "#%PAM-1.0" instead of "%PAM-1.0". Looks to have the typo in ipa-pam-configuration.sh also.
Otherwise everything else is excellent. I hope this helps.
For the life of me, I cannot seem to figure out how to make Remote Desktop / XRDP work. I have tried everything I can find, performed multiple re-installs, along with different workstation types. But nothing seems to change the fact that I cannot connect to the hardened workstation via remote desktop.
Note I have managed to get the hardening script to work with CentOS 6.8 without issue or error during the installation.
I've tested my procedure of setting up Remote Desktop / XRDP on an unhardened instance and it works without issue but to no avail it will not work with the hardened image.
Am I missing something within the hardening configuration scripts that is preventing the ability for me to remote desktop into the machine?
Any insight or assistance someone could lend would be greatly appreciated!
I would like to change the Licence of this project from GNU Public Licence version 2 (GPLv2) to Apache Public Licence 2.0 (APL2.0) to allow people to utilize this software without having to submit changes back to the project. I believe that this will allow for better use in the DOD/IC without the requirements to give back everything - however, it would still remain open source as a reference model.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.