This repository contains the code used to build the Ubuntu-based Delphix Appliance, leveraging open-source tools such as Debian's live-build, Docker, Ansible, OpenZFS, and others.
Apache License 2.0
19
stars
41
forks
source link
DLPX-86523 CIS: /home filesystem and mount options #756
CIS is looking or a single home directory filesystem mounted at the `/home` location, currently we have the home dataset is mounted on `/export/home`
Due to that we see the below issues in the CIS Report
- (1.45) 7402 Status of the '/home' partition in the '/etc/fstab' file
- (1.46) 13248 Status of Mount Partition '/home' using mount command
- (1.47) 7403 Status of the 'nodev' mount option setting for the '/home partition' defined in the '/etc/ fstab' file
- (1.48) 14601 Status of the 'nodev' option for '/home' partition using 'mount' command
Solution
Mounting the home dataset to `/home`.
Testing Done
- Completed [blackbox-chained/6866](https://selfservice-jenkins.eng-tools-prd.aws.delphixcloud.com/job/blackbox-chained/6866/console) test from a 25.0.0.0 engine to a 29.0.0.0 engine
- We have completed the CIS scans and don't the failures in the report for the description in [DLPX-86523](https://delphix.atlassian.net/browse/DLPX-86523) [[Uploading Compliance_Report_SR_Dev24102024_CIS_dephx3sr1_20241024.pdf…]()]
- We have completed the [split-precommit-dxostest](http://selfservice.jenkins-sanjeevrohila.dcol1.delphix.com/job/integration-tests/job/split-precommit-dxostest/job/pre-push/1/consoleFull) on a Developer Jenkins Instance.
CIS is looking or a single home directory filesystem mounted at the `/home` location, currently we have the home dataset is mounted on `/export/home` Due to that we see the below issues in the CIS Report - (1.45) 7402 Status of the '/home' partition in the '/etc/fstab' file - (1.46) 13248 Status of Mount Partition '/home' using mount command - (1.47) 7403 Status of the 'nodev' mount option setting for the '/home partition' defined in the '/etc/ fstab' file - (1.48) 14601 Status of the 'nodev' option for '/home' partition using 'mount' commandProblem
Mounting the home dataset to `/home`.Solution
- Completed [blackbox-chained/6866](https://selfservice-jenkins.eng-tools-prd.aws.delphixcloud.com/job/blackbox-chained/6866/console) test from a 25.0.0.0 engine to a 29.0.0.0 engine - We have completed the CIS scans and don't the failures in the report for the description in [DLPX-86523](https://delphix.atlassian.net/browse/DLPX-86523) [[Uploading Compliance_Report_SR_Dev24102024_CIS_dephx3sr1_20241024.pdf…]()] - We have completed the [split-precommit-dxostest](http://selfservice.jenkins-sanjeevrohila.dcol1.delphix.com/job/integration-tests/job/split-precommit-dxostest/job/pre-push/1/consoleFull) on a Developer Jenkins Instance.Testing Done
Related PRS - https://github.com/delphix/delphix-platform/pull/477 - https://github.com/delphix/dlpx-app-gate/pull/2121 - https://github.com/delphix/dlpx-qa-gate/pull/5042 - https://github.com/delphix/qa-infra/pull/2008 - https://github.com/delphix/devops-gate/pull/3431 - https://github.com/delphix/pipeline-shared/pull/308Notes to Reviewers