Security Provisioning

[priyaster]

Completed 1.1.1 and 1.1.2 from CIS_NGINX benchmark

[Phabbits]

Completed: CIS_Ubuntu: 1.1.1.1 - 1.1.1.5, 1.1.1.7 1.1.2 via /etc/fstab 1.1.3, 1.1.4, 1.1.5 1.1.6 via /etc/fstab 1.1.7, 1.1.8, 1.1.9 1.1.12, 1.1.13, 1.1.14 1.1.18,1.1.19,1.1.20,1.1.21 1.1.22,1.1.23 1.1.24 1.2.1,1.2.2 1.3.1

You can pick up on Page 76

[Phabbits]

1.3.2 1.4.1 1.4.2 superuser: group20 password: "Hello Hands!" custom config file: /etc/grub.d/custom.cfg had to chmod 755 /etc/grub.d/custom.cfg 1.4.3,1.4.4 1.5.1,1.5.2,1.5.2 1.5.4 Could not get coredump.service installed

Pick up page 97

[phatginger]

Working with Apparmor as the secure provisioning document talked about. Almost completed but once I set apparmor up nginx stopped working. I think apparmor does not have permissions to the mods-enabled directory because that is what is causing the errors. I tried removing a module but it gives the same error for another one.

[phatginger]

Figured out by adjusting permissions in a apparmor conf file (/etc/apparmor.d/usr.sbin.nginx) and also making is so the two problem modules were not being used because I couldnt get the permissions to work on them for some reason.