RHEL 9 must use a separate file system for /var.

STIG ID: RHEL-09-231020  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: low |  CCI: CCI-000366 |  Vulnerability Id: V-257845 | 

Vulnerability Discussion

Ensuring that "/var" is mounted on its own partition enables the setting of more restrictive mount options. This helps protect system services such as daemons or other programs which use it. It is not uncommon for the "/var" directory to contain world-writable directories installed by other software packages.

Check

Verify that a separate file system/partition has been created for "/var" with the following command:

$ mount | grep /var

UUID=c274f65f-c5b5-4481-b007-bee96feb8b05 /var xfs noatime 1 2

If a separate entry for "/var" is not in use, this is a finding.

Fix

Migrate the "/var" path onto a separate file system.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.