For systems capable of using GRUB, the system must be configured with GRUB as the default boot loader unless another boot loader has been authorized, justified, and documented using site-defined procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-220123 | GEN008660 | SV-220123r603266_rule | High |
| Description |
|---|
| GRUB is a versatile boot loader used by several platforms providing authentication for access to the system or boot loader. |
| STIG | Date |
|---|---|
| Solaris 10 X86 Security Technical Implementation Guide | 2022-09-07 |
Details
| Check Text ( C-21832r490393_chk ) |
|---|
| This check applies to the global zone only. Determine the type of zone that you are currently securing. # zonename If the command output is "global", this check applies. On systems that have a ZFS root, the active menu.lst file is typically located at /pool-name/boot/grub/menu.lst where "pool-name" is the mount point for the top-level dataset. On systems that have a UFS root, the active menu.lst file is typically located at /boot/grub/menu.lst. To locate the active GRUB menu, use the bootadm command with the list-menu option: # bootadm list-menu Determine if the system uses the GRUB boot loader. Procedure: # more /pool-name/boot/grub/menu.lst or # more /boot/grub/menu.lst If menu.lst does not exist, this is a finding. |
| Fix Text (F-21831r490394_fix) |
|---|
| Configure the system to use the GRUB bootloader. |