SV-208871r603263_rule
V-208871
SRG-OS-000206
OL6-00-000134
CAT II
10
The group-owner of all log files written by "rsyslog" should be root. These log files are determined by the second part of each Rule line in "/etc/rsyslog.conf" and typically all appear in "/var/log". For each log file [LOGFILE] referenced in "/etc/rsyslog.conf", run the following command to inspect the file's group owner:
$ ls -l [LOGFILE]
If the owner is not "root", run the following command to correct this:
# chgrp root [LOGFILE]
The group-owner of all log files written by "rsyslog" should be root. These log files are determined by the second part of each Rule line in "/etc/rsyslog.conf" and typically all appear in "/var/log". To see the group-owner of a given log file, run the following command:
$ ls -l [LOGFILE]
Some log files referenced in /etc/rsyslog.conf may be created by other programs and may require exclusion from consideration.
If the group-owner is not root, this is a finding.
V-208871
False
OL6-00-000134
The group-owner of all log files written by "rsyslog" should be root. These log files are determined by the second part of each Rule line in "/etc/rsyslog.conf" and typically all appear in "/var/log". To see the group-owner of a given log file, run the following command:
$ ls -l [LOGFILE]
Some log files referenced in /etc/rsyslog.conf may be created by other programs and may require exclusion from consideration.
If the group-owner is not root, this is a finding.
M
2928