File: rule.yml

package info (click to toggle)
scap-security-guide 0.1.78-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 114,600 kB
  • sloc: xml: 245,305; sh: 84,381; python: 33,093; makefile: 27
file content (32 lines) | stat: -rw-r--r-- 897 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
documentation_complete: true


title: 'Configure maximum number of process identifiers'

description: '{{{ describe_sysctl_option_value(sysctl="kernel.pid_max", value="65536") }}}'

rationale: |-
    The <tt>kernel.pid_max</tt> parameter configures upper limit on process
    identifiers (PID). If this number is not high enough, it might happen that
    forking of new processes is not possible, because all available PIDs are
    exhausted. Increasing this number enhances availability.

severity: medium

identifiers:
    cce@rhel8: CCE-83366-5
    cce@rhel9: CCE-83960-5
    cce@rhel10: CCE-88134-2
    cce@sle12: CCE-91570-2
    cce@sle15: CCE-91260-0

{{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.pid_max", value="65536") }}}

platform: system_with_kernel

template:
    name: sysctl
    vars:
        sysctlvar: kernel.pid_max
        sysctlval: '65536'
        datatype: int