Oracle Solaris Cluster Understanding Solaris Compliance Security Test Results on Node/System/Server with Solaris 11.2 and higher (Doc ID 2099210.1)

Last updated on FEBRUARY 03, 2016

Applies to:

Solaris Cluster - Version OSC 4.2 to OSC 4.3 [Release 4.2 to 4.3]
Oracle Solaris on x86-64 (64-bit)
Oracle Solaris on SPARC (64-bit)

Symptoms

Solaris 11.2 introduced the /usr/bin/compliance command, to administer security compliance tests. It produces security assessments, where an assessment is an evaluation of the security configuration of a system, conducted against a benchmark. As of Solaris 11.3, Solaris ships with a benchmark containing two profiles, Baseline and Recommended.

We have identified some tests in those profiles which may not give correct results on a Solaris system which is configured with Oracle Solaris Cluster software. These tests are being corrected, but until such times as corrected tests are available, this document lists the tests and the issues, and explains how to interpret the test results to determine if there is, in fact, a compliance problem.

 

For the Solaris 11.3 benchmarks, the tests currently known to result in incorrect determinations (usually, but not always, incorrect Fail results) are:

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms