Skip to content

DLPX-86523 CIS: /home filesystem and mount options #756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

DLPX-86523 CIS: /home filesystem and mount options #756

wants to merge 1 commit into from

Conversation

justsanjeev
Copy link

@justsanjeev justsanjeev commented Apr 18, 2024
edited
Loading

Problem

CIS is looking or a single home directory filesystem mounted at the /home location, currently we have the home dataset is mounted on /export/home

Due to that we see the below issues in the CIS Report

  • (1.45) 7402 Status of the '/home' partition in the '/etc/fstab' file
  • (1.46) 13248 Status of Mount Partition '/home' using mount command
  • (1.47) 7403 Status of the 'nodev' mount option setting for the '/home partition' defined in the '/etc/ fstab' file
  • (1.48) 14601 Status of the 'nodev' option for '/home' partition using 'mount' command

Solution

Mounting the home dataset to `/home`.
  • Upgrade scripts are modified to mount the data set to a new mount path.
  • Ansible scripts modified for new home mount path.

Testing Done

Build: git ab-pre-push : appliance-build-orchestrator-pre-push/10403/ - ✅

Scan Results:

  • (1.45) 7402 Status of the '/home' partition in the '/etc/fstab' file - ✅ - Page 33 in attached report
7402
  • (1.46) 13248 Status of Mount Partition '/home' using mount command - ✅ - Page 33 in attached report
13248
  • (1.47) 7403 Status of the 'nodev' mount option setting for the '/home partition' defined in the '/etc/ fstab' file - ✅ Page 34 in attached report
7403
  • (1.48) 14601 Status of the 'nodev' option for '/home' partition using 'mount' command - ✅ - Page 34 in attached report
14601

After Changing the output from Engine(Manual Verification):

Screenshot 2025-02-17 at 10 18 19 PM

Additionally we had to make changes to below repos to support this change

Scan Reports before & after Change

@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 60315a7 to 2547134 Compare April 18, 2024 14:35
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch 3 times, most recently from 4447b5d to 70aaee3 Compare May 1, 2024 13:04
@justsanjeev justsanjeev mentioned this pull request May 6, 2024
Open
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch 5 times, most recently from 5a45f37 to 28406a7 Compare May 10, 2024 16:28
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 28406a7 to abd7103 Compare July 2, 2024 10:56
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from abd7103 to b8d8ec5 Compare July 11, 2024 10:06
@justsanjeev justsanjeev mentioned this pull request Jul 16, 2024
Closed
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from b8d8ec5 to 6497d9d Compare July 16, 2024 07:26
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 6497d9d to bacfefb Compare August 30, 2024 09:02
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch 2 times, most recently from 58d854c to fe722dd Compare September 24, 2024 08:53
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from fe722dd to 52199cc Compare October 1, 2024 06:57
@justsanjeev justsanjeev self-assigned this Oct 1, 2024
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 52199cc to c752b4f Compare October 8, 2024 17:47
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from c752b4f to 4c2f334 Compare October 22, 2024 12:28
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 4c2f334 to 823162d Compare November 4, 2024 07:52
@justsanjeev justsanjeev marked this pull request as ready for review November 19, 2024 10:22
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch 2 times, most recently from 554ea59 to b81c2e4 Compare January 16, 2025 06:30
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from b81c2e4 to 7c5bcea Compare February 14, 2025 10:07
sebroy
sebroy requested changes Mar 26, 2025
View reviewed changes
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from 7c5bcea to 5ce66b3 Compare April 9, 2025 15:45
sebroy
sebroy requested changes May 13, 2025
View reviewed changes
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from b061620 to 7cc9bcf Compare May 19, 2025 16:26
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch 2 times, most recently from 5a87340 to a679462 Compare May 20, 2025 08:14
@justsanjeev
DLPX-86523 CIS: /home filesystem and mount options
66cea08 
Fixing the headers in the changed files.
Incoprorating new comments from Seb
Resolving comments from Seb on redundant nodev

PR URL: https://www.github.com/delphix/appliance-build/pull/756
@justsanjeev justsanjeev force-pushed the dlpx/pr/justsanjeev/d7de7bc9-e96b-43ee-b26a-76a6325f7d86 branch from a679462 to 66cea08 Compare May 20, 2025 08:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sebroy sebroy sebroy requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@justsanjeev justsanjeev

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@justsanjeev @sebroy