{"description": "The <tt>usrquota</tt> mount option allows for the filesystem to have disk quotas configured.\nAdd the <code>usrquota</code> option to the fourth column of\n<tt>/etc/fstab</tt> for the line which controls mounting of\n<code>/home</code>.", "rationale": "To ensure the availability of disk space on /home, it is important to limit the impact a\nsingle user or group can cause for other users (or the wider system) by intentionally or\naccidentally filling up the partition. Quotas can also be applied to inodes for filesystems\nwhere inode exhaustion is a concern.", "severity": "medium", "references": {"nist": ["CM-6(b)"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the \"/home\" file system does not have the \"usrquota\" option set", "ocil": "Verify the <tt>usrquota</tt> option is configured for the <tt>/home</tt> mount point,\n    run the following command:\n    <pre>$ sudo mount | grep '\\s/home\\s'</pre>\n    <pre>. . . /home . . . usrquota . . .</pre>\n", "oval_external_content": null, "fixtext": "Modify \"/etc/fstab\" to use the \"usrquota\" option on the \"/home\" directory.", "checktext": "", "vuldiscussion": "", "srg_requirement": "Ubuntu 22.04 must mount /home with the usrquota option.", "warnings": [{"general": "The quota options for XFS file systems can only be activated when mounting the partition.\nIt is not possible to enable them by remounting an already mounted partition. Therefore,\nif the desired options were not defined before mounting the partition, dismount and mount\nit again to apply the quota options."}], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "mount[home]", "platforms": ["mount[home]"], "sce_metadata": {}, "inherited_platforms": ["not container"], "cpe_platform_names": ["mount_home"], "inherited_cpe_platform_names": ["not_container"], "bash_conditional": null, "fixes": {}, "title": "Add usrquota Option to /home", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml", "template": {"name": "mount_option", "vars": {"mountpoint": "/home", "mountoption": "usrquota"}, "backends": {}}}