The operating system must implement transaction recovery for transaction-based systems.

From Solaris 11 X86 Security Technical Implementation Guide

Associated with: CCI-000553

SV-60869r1_rule The operating system must implement transaction recovery for transaction-based systems.

Vulnerability discussion

Recovery and reconstitution constitutes executing an operating system contingency plan comprised of activities to restore essential missions and business functions. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery.While this is typically a database function, operating systems could be transactional in nature with respect to file processing.

Check content

Solaris 11 ZFS copy-on-write model allows filesystem accesses to work according to a transactional model, such that on-disk content is always consistent and cannot be configured to be out of compliance. Determine if any UFS file systems are mounted with the "nologging" option. # mount|grep nologging If any file systems are listed, this is a finding.

Fix text

The root role is required. Solaris 11 ZFS copy-on-write model allows filesystem accesses to work according to a transactional model, such that on-disk content is always consistent and cannot be configured to be out of compliance. If any UFS file systems are mounted with the "nologging" options, remove that option from the /etc/vfstab file. # pfedit /etc/vfstab Locate any file systems listed with the "nologging" option and delete the keyword "nologging".

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.