delphix / appliance-build

This repository contains the code used to build the Ubuntu-based Delphix Appliance, leveraging open-source tools such as Debian's live-build, Docker, Ansible, OpenZFS, and others.
Apache License 2.0
19 stars 41 forks source link

DLPX-86523 CIS: /home filesystem and mount options #756

Open justsanjeev opened 6 months ago

justsanjeev commented 6 months ago

Problem

CIS is looking or a single home directory filesystem mounted at the `/home` location, currently we have the home dataset is mounted on `/export/home` Due to that we see the below issues in the CIS Report - (1.45) 7402 Status of the '/home' partition in the '/etc/fstab' file - (1.46) 13248 Status of Mount Partition '/home' using mount command - (1.47) 7403 Status of the 'nodev' mount option setting for the '/home partition' defined in the '/etc/ fstab' file - (1.48) 14601 Status of the 'nodev' option for '/home' partition using 'mount' command

Solution

Mounting the home dataset to `/home`.

Testing Done

- Completed [blackbox-chained/6866](https://selfservice-jenkins.eng-tools-prd.aws.delphixcloud.com/job/blackbox-chained/6866/console) test from a 25.0.0.0 engine to a 29.0.0.0 engine - We have completed the CIS scans and don't the failures in the report for the description in [DLPX-86523](https://delphix.atlassian.net/browse/DLPX-86523) [[Uploading Compliance_Report_SR_Dev24102024_CIS_dephx3sr1_20241024.pdf…]()] - We have completed the [split-precommit-dxostest](http://selfservice.jenkins-sanjeevrohila.dcol1.delphix.com/job/integration-tests/job/split-precommit-dxostest/job/pre-push/1/consoleFull) on a Developer Jenkins Instance.

Notes to Reviewers

Related PRS - https://github.com/delphix/delphix-platform/pull/477 - https://github.com/delphix/dlpx-app-gate/pull/2121 - https://github.com/delphix/dlpx-qa-gate/pull/5042 - https://github.com/delphix/qa-infra/pull/2008 - https://github.com/delphix/devops-gate/pull/3431 - https://github.com/delphix/pipeline-shared/pull/308