MEDIUM M29: System Access Controls P3

Verified Compare Branch

Overview

Miscellaneous system access hardening: sets a legal login banner, ensures log rotation is active, disables the emergency debug shell, and restricts tmux in login shells.

Profile: NIST 800-53 Moderate (rhcos4-moderate)

Compliance Checks

Check Description
Login banner Set /etc/issue legal notice banner
Log rotation Ensure logrotate is activated
Debug shell Disable debug-shell.service
tmux restriction Prevent tmux in login shells

Verification

oc debug node/<node> -- chroot /host bash -c 'cat /etc/issue; systemctl is-enabled debug-shell.service'
← M28 All Groups M30 →
Legend
Status
🔵 In Progress
🟡 Pending
⚪ On Hold
🟢 Complete
Severity
HIGH
MEDIUM
LOW
MANUAL

Keyboard Shortcuts

Navigation
j / Next row
k / Previous row
Enter Open selected / Expand details
Esc Clear selection / Close modal
Actions
/ Focus search
d Toggle dark mode
? Show this help
g h Go to home
Filters
1 Show all
2 Pending only
3 In Progress only
4 Complete only