MEDIUM M26: Systemd Hardening P3

Verified Compare Branch

Overview

Disables dangerous systemd behaviors: prevents Ctrl-Alt-Del from rebooting nodes (both single-press and burst), disables core dump generation and storage to prevent information leakage.

Profile: NIST 800-53 Moderate (rhcos4-moderate)

Compliance Checks

Check Description
Ctrl-Alt-Del burst action Disable CtrlAltDelBurstAction
Ctrl-Alt-Del reboot Disable Ctrl-Alt-Del reboot target
Coredump backtraces Disable coredump backtrace generation
Coredump storage Disable coredump storage
User coredumps Disable user coredumps via limits.conf

Verification

oc debug node/<node> -- chroot /host systemctl status ctrl-alt-del.target
← M25 All Groups M27 →
Legend
Status
🔵 In Progress
🟡 Pending
⚪ On Hold
🟢 Complete
Severity
HIGH
MEDIUM
LOW
MANUAL

Keyboard Shortcuts

Navigation
j / Next row
k / Previous row
Enter Open selected / Expand details
Esc Clear selection / Close modal
Actions
/ Focus search
d Toggle dark mode
? Show this help
g h Go to home
Filters
1 Show all
2 Pending only
3 In Progress only
4 Complete only