1

I recently had a security audit on a Ubuntu 16.04 server and have 2 issues that I'm struggling to address. This is a server that can only be accessed through command-line/ssh and is hosted on AWS.

1) The auditor required that the /home, /tmp and /var directories be placed on a separate partition. The root partition, /dev/xvda1, is assigned 100% of the available disk space although it is only using 9% of that total. It is my understanding through research and personal experimentation that a root partition can only be resized if it is unmounted, usually by booting from a live CD/usb. I have not found any information about how to accomplish this if the server can only be accessed by command-line. Any advice on what would be the most efficient way to satisfy the security auditor's request?

2) The auditor left a note "PassengerWatchdog and PassengerHelperAgent are running as root". I've tried googling this issue in different ways and can't find any information about what needs to be changed and how to change it. I'm not sure what user PassengerWatchdog and PassengerHelperAgent should be running as or how to change that setting.

Thanks in advance for any assistance you can give me with these issues.

Tina
  • 11
  • 1
  • 1) Are you able to add another EBS volume to the instance? Then, you could mount listed directories from it. 2) Are you able to install gems for Phusion Passanger under a different user than root?!? – dsmsk80 Mar 15 '17 at 16:55
  • Yes I can add another EBS volume to the instance. That is a great idea! Also, I'm pretty sure I can install the phusion gems. I will attempt these fixes and if they resolve my issue I'll notate that! Thanks! – Tina Mar 16 '17 at 18:51

0 Answers0