Powered by GitBook

Ensure that the AIDE timer is enabled

Description

Configure an AIDE timer to verify the baseline operating system configuration at least weekly.

Rationale

Verify that the operating system routinely checks the baseline configuration for changes in critical files in an unauthorized fashion.

Audit

@test "Verify aide timer is enabled" {
  run bash -c "systemctl is-enabled aidecheck.timer"
  [ "$status" -eq 0 ]
}

Remediation

shell

echo "[Unit]
Description=Aide check every day at midnight

[Timer]
OnCalendar=*-*-* 00:00:00
Unit=aidecheck.service

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/aidecheck.timer

chmod 0644 /etc/systemd/system/aidecheck.*

systemctl enable aidecheck.timer
systemctl restart aidecheck.timer
systemctl daemon-reload

References

STIG-ID: RHEL-07-020030
STIG-ID: UBTU-16-010510
CIS RHEL 7 Benchmark 2.2.0: 1.3.2
CIS Ubuntu 18.04 v1.0.0: 1.3.2

results matching ""

No results matching ""