florianutz / Ubuntu1804-CIS

Ubuntu CIS Hardening Ansible Role
MIT License

The NX||XD eventually fails on an active system #52

Open tdewitt opened 4 years ago

tdewitt commented 4 years ago

https://github.com/florianutz/Ubuntu1804-CIS/blob/dc95662250817f1fb6fef05a9361ca4cc0094cc0/tasks/section1.yml#L677

dmesg will eventually roll over and this check will fail. Using journalctl -b is slower but will work for longer. Example from a rather vanilla install of 18.04 server:

$ dmesg | wc -l
4070

$ journalctl -b | wc -l
549487

umarizulkifli commented 4 years ago

According to the official CIS Benchmark documents, the command should be

journalctl | grep 'protection: active'
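
The failure mode discussed in this thread, as an added example that is not part of the issue or of the role's own tasks: a fixed-size kernel ring buffer loses the boot-time NX line once enough later messages arrive, while a log that keeps the whole boot still has it. The sample log lines, the buffer size of 100 lines and all function names are constructed for illustration; `nx_check_live` is one possible journal-first check with a dmesg fallback.

```bash
#!/usr/bin/env bash
PATTERN='protection: active'   # the pattern quoted in the thread

# Constructed sample: the boot-time NX line followed by $1 later kernel messages.
sample_kernel_log() {
    echo '[    0.000000] NX (Execute Disable) protection: active'
    i=1
    while [ "$i" -le "$1" ]; do
        echo "[ $i.000000] constructed later kernel message $i"
        i=$((i + 1))
    done
}

# Model of a fixed-size ring buffer: only the newest $1 lines survive.
ring_buffer() { tail -n "$1"; }

# True if the NX line is present in the log text on stdin.
has_nx_line() { grep "$PATTERN" >/dev/null; }

# The check as a PASS/FAIL verdict on whatever log text is piped in.
nx_check() {
    if has_nx_line; then echo PASS; else echo FAIL; fi
}

# Live variant (assumption: systemd journal available): kernel messages of the
# current boot from the journal first, dmesg only as a fallback.
nx_check_live() {
    if command -v journalctl >/dev/null 2>&1 &&
       journalctl -k -b --no-pager 2>/dev/null | has_nx_line; then
        echo "PASS (journalctl)"
    elif dmesg 2>/dev/null | has_nx_line; then
        echo "PASS (dmesg)"
    else
        echo "FAIL (NX line not found in journal or dmesg)"
    fi
}

# Fresh boot: the buffer still holds the line. Busy system: it has rolled out.
fresh=$(sample_kernel_log 10 | ring_buffer 100 | nx_check)
busy=$(sample_kernel_log 500 | ring_buffer 100 | nx_check)
journal=$(sample_kernel_log 500 | nx_check)   # log that keeps the whole boot
echo "fresh dmesg: $fresh, rolled-over dmesg: $busy, journal: $journal"
```

A FAIL from the rolled-over buffer says nothing about whether NX is enabled, only that the evidence is gone from that source, which is why an audit task built on it turns into a false failure on long-running hosts.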