dccce1d5cc
This patch gets the docs adjusted to work with the new RHEL 7 STIG version 1 release. The new STIG release has changed all of the numbering, but it maintains a link to (most) of the old STIG IDs in the XML. Closes-bug: 1676865 Change-Id: I65023fe63163c9804a3aec9dcdbf23c69bedb604
746 B
746 B
---id: V-72017 status: opt-in tag: file_perms ---
Although the STIG requires that all home directories have the proper owner, group owner, and permissions, these changes might be disruptive in some environments. These tasks are not executed by default.
Deployers can opt in for the following changes to each home directory:
- Permissions are set to
0750at a maximum. If permissions are already more restrictive than0750, the permissions are left unchanged. - User ownership is set to the
UIDof the user. - Group ownership is set to the
GIDof the user.
Deployers can opt in for these changes by setting the following Ansible variable:
security_set_home_directory_permissions_and_owners: yes