CIS PostgreSQL 16 v1.1.0 L1 OS Linux Unix

Audit Details

Name: CIS PostgreSQL 16 v1.1.0 L1 OS Linux Unix

Updated: 6/30/2026

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 15

File Details

Filename: CIS_PostgreSQL_16_v1.1.0_L1_OS_Linux_Unix.audit

Size: 44.9 kB

MD5: 3720ee260495a51e14f81d683ff15085
SHA256: d5eb152cdc60fcd863c238d498f1ff28a3d5d1efb2a7bd159150c9b43d28a4cf

Audit Items

DescriptionCategories
1.1 Ensure packages are obtained from authorized repositories

CONFIGURATION MANAGEMENT, MAINTENANCE

1.2 Install only required packages

CONFIGURATION MANAGEMENT

1.3 Ensure systemd Service Files Are Enabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4 Ensure Data Cluster Initialized Successfully

ACCESS CONTROL, MEDIA PROTECTION

1.6 Verify That 'PGPASSWORD' is Not Set in Users' Profiles

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in Use

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure the file permissions mask is correct

ACCESS CONTROL, MEDIA PROTECTION

2.2 Ensure extension directory has appropriate ownership and permissions

ACCESS CONTROL, MEDIA PROTECTION

2.3 Disable PostgreSQL Command History

MEDIA PROTECTION

2.4 Ensure Passwords are Not Stored in the service file

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Ensure Interactive Login is Disabled

ACCESS CONTROL

4.2 Ensure sudo is configured correctly

ACCESS CONTROL

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.2 Ensure the backup and restore tool, 'pgBackRest', is installed and configured

CONTINGENCY PLANNING

CIS_PostgreSQL_16_v1.1.0_L1_OS_Linux_Unix.audit from CIS PostgreSQL 16 Benchmark v1.1.0