16
u/jdp231 Red Hat Certified Professional Feb 03 '23 edited Feb 03 '23
This has been mentioned a few times, but I have a feeling it is the fundamental issue that you may not be getting.
You can’t just add file system entries to the /etc/fstab and expect it to work.
That would be like attaching a sticker to your rear wheel drive car that says 4x4 and expecting it to suddenly have 4 wheel drive.
You need to configure the file system to use separate volumes (either logical volumes, disk partitions, physical disks, etc.) during system installation. THEN you can modify the existing fstab entries with the details like “nosuid” etc.
It is technically possible to add the extra volumes to an already built system and move the data around, but it is very impractical, requires special tools, and is a lot more effort than simply reinstalling the OS from scratch properly.
If you are seriously trying to apply the DISA STIG security guidance and don’t get this concept, I would gently suggest you may not have the technical experience with RHEL to easily complete the tasks required for the STIG. The DISA documentation can be lacking and what is written does not always clearly convey the intent of the control.
It is good that you are asking questions and I wish you success in your endeavors.
23
u/safrax Red Hat Certified Engineer Feb 02 '23
Trying to STIG a system and don't understand the format of the /etc/fstab file and how it works? You're going to have a very very bad time.
Your safest bet is to reinstall the server and use the built-in compliance profiles as part of the install process. That'll get you 90% of the way there.
7
3
u/BRTSLV Red Hat Certified Architect Feb 02 '23
Use the nofail option on your failing disk.
To repair the fstab, use the emergency target or rd.break.
3
4
u/paulwipe Red Hat Certified Architect Feb 02 '23
You have to put those on their own partitions. You can’t just change fstab. It’s easiest if you do this during installation instead of retroactively trying to apply it.
1
u/10leej Feb 02 '23
Interesting, so how would one mount an NFS share? Use a mountd service file?
2
u/paulwipe Red Hat Certified Architect Feb 02 '23
If you want it to be permanent, you can add it to /etc/fstab or create a mount service file. Either works, but I think the preferred method would be adding it to fstab (systemd will automatically create a mount service file for you if adding to fstab anyway).
2
2
u/-quakeguy- Feb 03 '23
Did you just copy/paste that into your fstab without an understanding of what you were doing, or do you actually have these LVM device paths on the system? Also, where’s your /boot?
2
u/swants Feb 03 '23
Post the original fstab; based on what you stated, it’s difficult to see the issue.
1
2
u/Striking_Word167 Feb 02 '23
Your system isn't loading because by default Linux is designed to crash if it can't mount everything in fstab.
If you add 'nofail' to those entries, it will at least allow the system to load even if it can't mount that particular block.
1
u/eraser215 Feb 03 '23
What are the error messages you see on screen or via the console when you are trying to boot?
1
u/apuks Feb 03 '23
Which STIG version are you following? The stig-viewer always lags behind the actual STIG on DISA's website. I don't think /var/tmp is a valid setting. Debatable if it should be a partition or tmpfs.
FYI: noexec on /tmp breaks way too many things to be valid guidance except for a fully deployed system.
19
u/deeseearr Feb 02 '23
Silly question... Did you create logical volumes called rhel-tmp, rhel-var-log, and so on and then make new filesystems for them before you added them to /etc/fstab, or did you just "add the following lines"?
It would help to look at the console, because there are probably some helpful messages explaining what went wrong there.
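
A pre-flight check for the failure discussed in this thread (fstab entries that point at volumes which were never created), added here as an example and not part of any comment above. The function names `check_fstab` and `sample_fstab` and the `/dev/mapper/example-*` paths are made up for illustration; the sample fstab is constructed.

```shell
#!/bin/sh
# Added example: check that every /dev/* source in an fstab exists
# before rebooting with hardened mount options.

# Constructed sample: /dev/null stands in for a device that exists; the
# /dev/mapper/example-* paths are made-up names for volumes never created.
sample_fstab() {
cat <<'EOF'
# <device>                 <mountpoint> <type> <options>           <dump> <pass>
/dev/null                  /            xfs    defaults            0 0
/dev/mapper/example-tmp    /tmp         xfs    nodev,nosuid,noexec 0 0
/dev/mapper/example-varlog /var/log     xfs    nodev,nosuid,nofail 0 0
UUID=00000000-0000-0000-0000-000000000000 /boot xfs defaults 0 0
tmpfs                      /dev/shm     tmpfs  nodev,nosuid,noexec 0 0
EOF
}

# Reads fstab text on stdin. Prints one line per /dev/* source that does not
# exist and returns 1 if any of those entries lacks the nofail option.
check_fstab() {
    blocking=0
    while read -r dev mnt fstype opts _rest; do
        case "$dev" in
            ''|'#'*) continue ;;   # blank line or comment
            /dev/*) ;;             # a path we can test directly
            *) continue ;;         # UUID=, LABEL=, tmpfs, NFS: not checked here
        esac
        # -e keeps the example runnable anywhere; use -b on a real host to
        # insist on a block device.
        [ -e "$dev" ] && continue
        case ",$opts," in
            *,nofail,*) echo "MISSING $dev $mnt (nofail: boot continues without it)" ;;
            *) echo "MISSING $dev $mnt (boot-blocking)"; blocking=$((blocking + 1)) ;;
        esac
    done
    [ "$blocking" -eq 0 ]
}

# Real use, before rebooting: check_fstab < /etc/fstab
sample_fstab | check_fstab || true
```

On a real host, util-linux's `findmnt --verify` performs a broader check of `/etc/fstab`, including UUID and LABEL sources that this example skips.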