Required UNIX\Linux commands required for the /etc/sudoers file for CCS predefined standards
Article ID: 220104
Updated On:
Products
Issue/Introduction
Control Compliance Suite (CCS)
You are using Agentless scans in CCS and would like to know the commands that CCS requires for the predefined standards.
Environment
Release: CCS 12.5.x and CCS 12.6.x
Resolution
Table of Contents
- The following are the commands that need to be configured in /etc/sudoers file for CCS agentless data collection.
- Red Hat Enterprise Linux (RHEL)
- 1. List of commands for “CIS Red Hat Enterprise Linux 9 Benchmark v1.0.0 Level 1 and Level 2”
- 2. List of commands for “CIS Red Hat Enterprise Linux 8 Benchmark v2.0.0 Level 1 and Level 2”
- 3. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 8 v1.0.0 Level 1” standard:
- 4. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 8 v1.0.0 level 2” standard:
- 5. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 7 v2.2.0” standard: (Deprecated)
- 6. List of commands for “CIS Red Hat Enterprise Linux 6.x Benchmark v2.0.2” standard: (Deprecated)
- CentOS Linux
- SUSE Enterprise Linux
- Ubuntu Linux
- Oracle Linux
- IBM AIX UNIX
- Solaris UNIX
- Oracle Databases
The following are the commands that need to be configured in /etc/sudoers file for CCS agentless data collection.
Red Hat Enterprise Linux (RHEL)
1. List of commands for “CIS Red Hat Enterprise Linux 9 Benchmark v1.0.0 Level 1 and Level 2”
/usr/sbin/auditctl, /usr/bin/authselect, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/sbin/grubby, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/sbin/modprobe, /usr/bin/mount, /usr/sbin/nft, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/readlink, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/sbin/sshd, /usr/bin/stat, /usr/bin/strings, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/sbin/ufw, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
2. List of commands for “CIS Red Hat Enterprise Linux 8 Benchmark v2.0.0 Level 1 and Level 2”
/usr/sbin/auditctl, /usr/bin/authselect, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dirname, /usr/bin/dmesg, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/gsettings, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/sbin/modprobe, /usr/bin/mount, /usr/sbin/nft, /usr/bin/nmcli, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/sbin/sshd, /usr/bin/stat, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/sbin/ufw, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
3. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 8 v1.0.0 Level 1” standard:
/usr/sbin/auditctl, /usr/bin/authselect, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/dnf, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/bin/mount, /usr/sbin/nft, /usr/bin/nmcli, /usr/bin/nslookup, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
4. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 8 v1.0.0 level 2” standard:
/usr/sbin/auditctl, /usr/bin/authselect, /usr/bin/awk, /usr/bin/cat, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/sbin/modprobe, /usr/bin/mount, /usr/bin/nslookup, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/echo, /usr/bin/dig
5. List of commands for “CIS Benchmark for Red Hat Enterprise Linux 7 v2.2.0” standard: (Deprecated)
/usr/sbin/auditctl, /usr/sbin/authconfig, /usr/sbin/sestatus, /usr/sbin/lsmod, /usr/bin/crontab, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/awk, /usr/bin/cat, /usr/bin/cut, /usr/bin/chage, /usr/bin/df, /usr/bin/date, /usr/bin/dig, /usr/bin/dmesg, /usr/sbin/iptables, /usr/sbin/ip6tables, /usr/bin/egrep, /usr/bin/find, /usr/bin/grep, /usr/bin/file, /usr/bin/head, /usr/bin/id, /usr/bin/locale, /usr/bin/ls, /usr/bin/passwd –S *, /usr/bin/sed, /usr/bin/mount, /usr/bin/netstat, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/sbin/sysctl, /usr/bin/uname, /usr/bin/xargs, /usr/bin/ypcat, /usr/bin/yum, /usr/bin/echo
6. List of commands for “CIS Red Hat Enterprise Linux 6.x Benchmark v2.0.2” standard: (Deprecated)
/sbin/auditctl, /usr/sbin/authconfig, /bin/awk,/bin/cat, /usr/bin/crontab, /bin/cut,/bin/date, /bin/df,/bin/dmesg, /bin/egrep, /usr/bin/file, /bin/find, /bin/grep, /usr/bin/head, /bin/hostname, /usr/bin/id, /sbin/iptables, /usr/bin/locale, /bin/ls, /sbin/lsmod, /bin/mount, /bin/netstat, /usr/bin/nslookup, /usr/bin/passwd -S *, /usr/bin/perl, /bin/ps, /bin/rpm, /bin/sed, /usr/sbin/sestatus, /sbin/sysctl, /usr/bin/test, /usr/bin/tr, /bin/uname, /usr/bin/xargs, /bin/echo, /usr/bin/dig
CentOS Linux
1. List of commands for “CIS CentOS Linux 8 Benchmark v2.0.0 Level 1 and Level 2”
/usr/sbin/auditctl, /usr/bin/authselect, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dirname, /usr/bin/dmesg, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/gsettings, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/sbin/modprobe, /usr/bin/mount, /usr/sbin/nft, /usr/bin/nmcli, /usr/bin/nslookup, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss,/usr/sbin/sshd, /usr/bin/stat, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/sbin/ufw, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
2. List of commands for “CIS CentOS Linux 7 Benchmark v3.1.2 Level 1 and Level 2”
/usr/sbin/auditctl, /usr/sbin/authconfig, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/domainname, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/findmnt, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/bin/lsblk, /usr/sbin/lsmod, /usr/sbin/modprobe, /usr/bin/mount, /usr/bin/netstat, /usr/sbin/nft, /usr/bin/nmcli, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/sbin/sshd, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
3. List of commands for “CIS CentOS Linux 7 v2.1.1” standard:
/usr/sbin/auditctl, /usr/sbin/authconfig, /usr/bin/awk, /usr/bin/cat, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/domainname, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/grep, /usr/bin/head, /usr/bin/hostname, /usr/bin/id, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/bin/mount, /usr/bin/netstat, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/dig, /usr/bin/echo
SUSE Enterprise Linux
1. List of commands for “CIS SUSE Linux Enterprise 15 Benchmark v1.1.1 Level 1 and Level 2”
/usr/sbin/apparmor_status, /sbin/auditctl, /usr/sbin/authconfig, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/domainname, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/firewall-cmd, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /sbin/lsmod, /sbin/modprobe, /usr/bin/mount, /usr/bin/netstat, /usr/sbin/nft, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/bin/strings, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
2. List of commands for “CIS SUSE Linux Enterprise 12 Benchmark v3.1.0 Level 1 and Level 2”
/usr/sbin/apparmor_status, /sbin/auditctl, /usr/sbin/authconfig, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /bin/domainname, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /sbin/lsmod, /sbin/modprobe, /usr/bin/mount, /bin/netstat, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /bin/rpm, /usr/bin/sed, /usr/sbin/sestatus, /usr/sbin/ss, /usr/bin/strings, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/ypcat, /usr/bin/echo, /usr/bin/dig
3. List of commands for “CIS Benchmark for SUSE Linux Enterprise 12 v2.0.0” standard:
/usr/sbin/apparmor_status, /sbin/auditctl, /usr/bin/awk, /usr/bin/cat, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /bin/domainname, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/grep, /usr/bin/head, /bin/hostname, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /sbin/lsmod, /usr/bin/mount, /bin/netstat, /usr/bin/nslookup, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /bin/rpm, /usr/bin/sed, /sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig, /usr/sbin/authconfig, /usr/sbin/sestatus, /usr/sbin/getenforce, /usr/bin/echo
Ubuntu Linux
1. List of commands for “CIS Ubuntu Linux 22.04 LTS Benchmark v1.0.0 Level 1 and Level 2”
/usr/sbin/apparmor_status, /usr/sbin/auditctl, /usr/bin/awk, /usr/bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/dpkg, /usr/bin/dpkg-query, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/grep, /usr/bin/groups, /usr/bin/head, /usr/bin/id, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/bin/mount, /usr/sbin/nft, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/sed, /usr/bin/ss, /usr/sbin/sshd, /usr/bin/stat, /usr/bin/strings, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/sbin/ufw, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
2. List of commands for “CIS Ubuntu Linux 18.04 LTS Benchmark v2.1.0 Level 1 and Level 2”
/usr/sbin/apparmor_status, /usr/bin/awk, /bin/cat, /usr/bin/chage, /usr/bin/crontab, /usr/bin/cut, /bin/date, /bin/df, /bin/dmesg, /bin/domainname, /usr/bin/dpkg, /usr/bin/dpkg-query, /bin/egrep, /usr/bin/file, /usr/bin/find, /bin/grep, /usr/bin/groups, /usr/bin/head, /usr/bin/id, /sbin/ip6tables, /sbin/iptables, /usr/bin/locale, /bin/ls, /sbin/lsmod, /bin/mount, /bin/netstat, /usr/bin/passwd -S *, /usr/bin/perl, /bin/ps, /bin/sed, /bin/ss, /usr/sbin/sshd, /bin/su - root -c umask, /usr/bin/su - root -c env, /sbin/sysctl, /bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/sbin/ufw, /bin/uname, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
3. List of commands for “Security Essentials for Ubuntu 12.04 and 14.04 LTS Server” standard:
/usr/bin/awk, /bin/cat, /usr/bin/cut, /bin/date, /bin/df, /bin/domainname, /usr/bin/dpkg, /usr/bin/dpkg-query, /usr/bin/du, /bin/egrep,/usr/bin/file, /usr/bin/find, /bin/grep, /usr/bin/head, /bin/hostname, /usr/bin/id, /usr/bin/locale, /bin/ls, /bin/mount, /usr/bin/passwd -S *, /usr/bin/perl, /bin/ps,/bin/sed, /usr/bin/strings, /sbin/sysctl, /usr/bin/test, /usr/bin/tr, /bin/uname, /usr/bin/xargs, /usr/bin/dig, /bin/echo
Oracle Linux
1. List of commands for “CIS Oracle Linux 7 v 2.0.0” standard:
/usr/sbin/auditctl, /usr/sbin/authconfig, /usr/bin/awk, /usr/bin/cat, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/dmesg, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/sbin/getenforce, /usr/bin/grep, /usr/bin/head, /usr/bin/hostname, /usr/bin/id, /usr/sbin/ifconfig, /usr/sbin/ip6tables, /usr/sbin/iptables, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsmod, /usr/bin/mount, /usr/bin/netstat, /usr/bin/passwd -S *, /usr/bin/perl, /usr/bin/ps, /usr/bin/rpm, /sbin/ifconfig, /usr/bin/sed, /usr/sbin/sestatus, /usr/bin/sort, /usr/sbin/sysctl, /usr/bin/systemctl, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/uniq, /usr/bin/xargs, /usr/bin/echo, /usr/bin/dig
- Also mention absolute path of apachectl command
IBM AIX UNIX
1. List of commands for “CIS IBM AIX 7.2 Benchmark v1.0.0 Level 1 and Level 2” and “Security Essentials for IBM AIX 7.3”
/usr/sbin/sendmail, /usr/bin/alog, /usr/bin/awk, /usr/bin/cat, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/domainname, /usr/bin/dspcat, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/genkex, /usr/bin/grep, /usr/bin/head, /usr/bin/hostname, /usr/bin/id, /usr/bin/locale, /usr/bin/ls, /etc/lsattr, /etc/lsdev, /usr/sbin/lsfilt, /etc/lsfs, /usr/bin/lslpp, /usr/sbin/lsnfsexp, /usr/bin/lssec, /usr/bin/lssrc, /usr/bin/lsuser, /etc/mount, /usr/sbin/nfso, /etc/no, /usr/bin/nslookup, /usr/bin/oslevel, /usr/bin/ps, /usr/bin/rm, /usr/bin/rpm, /usr/bin/sed, /usr/bin/showmount, /usr/sbin/sshd, /usr/bin/strings, /usr/bin/su - root -c umask, /usr/bin/su - root -c env, /usr/bin/test, /usr/bin/tr, /usr/sbin/trustchk, /usr/bin/uname, /usr/bin/xargs, /usr/bin/ypcat, /usr/bin/echo, /usr/bin/dig
NOTE: flrtvc.ksh is required to be run for the check 7.2
2. List of commands for “CIS IBM AIX 7.1 Benchmark v1.1.0 (Deprecated)” standard:
/usr/bin/alog, /usr/bin/awk, /usr/bin/cat, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/domainname, /usr/bin/dspcat, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/genkex, /usr/bin/grep, /usr/bin/groups, /usr/bin/head, /usr/bin/hostname, /usr/bin/id, /usr/bin/locale, /usr/bin/ls, /usr/sbin/lsattr, /usr/sbin/lsfs, /usr/bin/lslpp, /usr/bin/lssec, /usr/sbin/lsuser, /usr/sbin/mount, /usr/bin/netstat, /usr/sbin/nfso, /usr/sbin/no, /usr/bin/nslookup, /usr/bin/oslevel, /usr/bin/ps, /usr/bin/rm, /usr/bin/rpm, /usr/bin/sed, /usr/bin/sort, /usr/bin/test, /usr/bin/tr, /usr/sbin/trustchk, /usr/bin/uname, /usr/bin/xargs, /usr/bin/ypcat
Solaris UNIX
1. List of commands for “CIS Solaris 11.2 Benchmark v1.1.0” standard:
/usr/sbin/auditconfig, /usr/bin/awk, /usr/bin/cat, /usr/sbin/consadm, /usr/bin/coreadm, /usr/bin/crontab, /usr/bin/cut, /usr/bin/date, /usr/bin/df, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/getent, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/bin/locale, /usr/bin/logins, /usr/bin/ls, /usr/bin/mdb, /usr/sbin/mount, /usr/sbin/ndd, /usr/bin/netstat, /usr/sbin/nslookup, /usr/bin/passwd, /usr/bin/perl, /usr/bin/readlink, /usr/sbin/routeadm, /usr/bin/sed, /usr/bin/svcs, /usr/sbin/sysdef, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/sbin/useradd, /usr/bin/userattr, /usr/bin/xargs, /usr/bin/ypcat, /usr/bin/zonename, /usr/bin/echo, /usr/sbin/dig, /usr/bin/nslookup, /usr/xpg4/bin/ls, /usr/xpg4/bin/awk, /usr/xpg4/bin/crontab, /usr/xpg4/bin/date, /usr/xpg4/bin/df, /usr/xpg4/bin/egrep, /usr/xpg4/bin/file, /usr/xpg4/bin/find, /usr/xpg4/bin/grep, /usr/xpg4/bin/id, /usr/xpg4/bin/sed, /usr/xpg4/bin/test, /usr/xpg4/bin/tr
Oracle Databases
1. List of commands for "CIS Oracle Database 19c Benchmark v1.1.0" standard:
/usr/bin/awk, /usr/bin/cat, /usr/bin/cut, /usr/bin/date, /usr/bin/dig, /usr/bin/egrep, /usr/bin/file, /usr/bin/find, /usr/bin/grep, /usr/bin/head, /usr/bin/id, /usr/bin/locale, /usr/bin/ls, /usr/bin/mount, /opt/oracle/product/19.3.0.0/db_1/bin/lsnrctl, /usr/bin/ps, /usr/bin/sed, /usr/bin/test, /usr/bin/tr, /usr/bin/uname, /usr/bin/xargs, /usr/bin/echo
NOTE: For lsnrctl command, the absolute path for lsnrctl command needs to be mentioned as per the path configured in customer's environment
Feedback
