[Bug 2031916] [NEW] subquity [REQ] hardened install option choice from start
Mr John Paul Cooper
2031916 at bugs.launchpad.net
Fri Aug 18 14:35:06 UTC 2023
Public bug reported:
Currently the Ubuntu Server 22.04 installer has it so that when it
installs, all of the hardening has to be applied after the initial
install.

This means that there's a period during which the server isn't hardened,
so for a first server setup it will likely be vulnerable. Though, a part
of Red Hat RHEL which really is good for a strong security footprint out
of the box is being able to apply a security profile from the first
step or stage.

The profile affects the installer, to provide information, warnings and
errors, depending on how the disk partitioning and account configuration
are set up, as well as how the config files are set up and what packages
are installed. So once the installer has completed the installation, it
will already be hardened.

Drawing inspiration from this, is it possible for the Ubuntu Server
installer (subiquity) to gain a feature where, if the user attaches an
Ubuntu Pro subscription and selects to install hardened, it will install
usg while allowing a selection from the usg profiles available?

The profiles will cause the installer to have the settings and
installation from first reboot compliant with the selected profile's rules.

So for instance it's required to have /var/log and /var/log/audit on
separate partitions with rsyslog for one of the profiles with some
profiles. This is something which you can't do after install or at least
not easily.

What I expect to have happen or see is the ability to have a choice of
a hardened install for first server during install out of the box
(before the first restart for complete) rather than doing the hardening
after the first reboot.
** Affects: subiquity (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
Currently the Ubuntu Server 22.04 installer has it so that when it
installs, all of the hardening has to be applied after the initial
install.
This means that there's a period during which the server isn't hardened,
so for a first server setup it will likely be vulnerable. Though a part
of Redhat RHEL which really is good for a strong security footprint out
of the box, is being able to apply a security profile from the first
step or stage.
The profile affects the installer, to provide information, warnings and
errors, depending on how the disk partitioning and account configuration
- is setup. So once the installer has completed the installation, it will
- be already hardened.
+ is setup, as well as how the config files are setup. So once the
+ installer has completed the installation, it will be already hardened.
Drawing inspiration from this is it possible for Ubuntu Server installer
(subquity) to gain a feature, where if the user attaches a Ubuntu Pro
subscription and selects to install hardened it will install usg while
allowing a selection from the usg profiles available.
The profiles will cause the installer to have the settings and
installation from first reboot compliant with the select profile rules.
So for instance its required to have /var/log and /var/log/audit on
separate partitions with rsyslog for one of the profiles with some
profiles. This is something which you can't do after install or at least
not easily.
What I expect to have happen or see is the ability to have a choice of
an hardened install for first server during install out of the box
(before the first restart after complete) rather than doing the
hardening after the first reboot.
** Description changed:
Currently the Ubuntu Server 22.04 installer has it so that when it
installs, all of the hardening has to be applied after the initial
install.
This means that there's a period during which the server isn't hardened,
so for a first server setup it will likely be vulnerable. Though a part
of Redhat RHEL which really is good for a strong security footprint out
of the box, is being able to apply a security profile from the first
step or stage.
The profile affects the installer, to provide information, warnings and
errors, depending on how the disk partitioning and account configuration
- is setup, as well as how the config files are setup. So once the
- installer has completed the installation, it will be already hardened.
+ is setup, as well as how the config files are setup and what packages
+ are installed. So once the installer has completed the installation, it
+ will be already hardened.
Drawing inspiration from this is it possible for Ubuntu Server installer
(subquity) to gain a feature, where if the user attaches a Ubuntu Pro
subscription and selects to install hardened it will install usg while
allowing a selection from the usg profiles available.
The profiles will cause the installer to have the settings and
installation from first reboot compliant with the select profile rules.
So for instance its required to have /var/log and /var/log/audit on
separate partitions with rsyslog for one of the profiles with some
profiles. This is something which you can't do after install or at least
not easily.
What I expect to have happen or see is the ability to have a choice of
an hardened install for first server during install out of the box
(before the first restart after complete) rather than doing the
hardening after the first reboot.
** Summary changed:
- subquity hardened install option choice from start
+ subquity [REQ] hardened install option choice from start
** Description changed:
Currently the Ubuntu Server 22.04 installer has it so that when it
installs, all of the hardening has to be applied after the initial
install.
This means that there's a period during which the server isn't hardened,
so for a first server setup it will likely be vulnerable. Though a part
of Redhat RHEL which really is good for a strong security footprint out
of the box, is being able to apply a security profile from the first
step or stage.
The profile affects the installer, to provide information, warnings and
errors, depending on how the disk partitioning and account configuration
is setup, as well as how the config files are setup and what packages
are installed. So once the installer has completed the installation, it
will be already hardened.
Drawing inspiration from this is it possible for Ubuntu Server installer
(subquity) to gain a feature, where if the user attaches a Ubuntu Pro
subscription and selects to install hardened it will install usg while
allowing a selection from the usg profiles available.
The profiles will cause the installer to have the settings and
installation from first reboot compliant with the select profile rules.
So for instance its required to have /var/log and /var/log/audit on
separate partitions with rsyslog for one of the profiles with some
profiles. This is something which you can't do after install or at least
not easily.
What I expect to have happen or see is the ability to have a choice of
an hardened install for first server during install out of the box
- (before the first restart after complete) rather than doing the
- hardening after the first reboot.
+ (before the first restart for complete) rather than doing the hardening
+ after the first reboot.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subiquity in Ubuntu.
https://bugs.launchpad.net/bugs/2031916
Title:
subquity [REQ] hardened install option choice from start
Status in subiquity package in Ubuntu:
New