490d2f4bd8
The tasks for handling auditd log permissions incorrectly set all log files in /var/log/audit to 0400, which prevents auditd from writing to the active log file. This prevents auditd from starting and restarting.

The task now removes any permissions explicitly disallowed by V-38498. Any files meeting/exceeding the STIG requirements will not be modified.

Closes-bug: 1584942
Change-Id: I1bb2b91ae8a78b1f0304bd4ce0f9a774d65245bd
11 lines
436 B
YAML
---
fixes:
  - |
    The security role previously set the permissions on all audit log files in
    ``/var/log/audit`` to ``0400``, but this prevents the audit daemon from
    writing to the active log file. This will prevent ``auditd`` from
    starting or restarting cleanly.

    The task now removes any permissions that are not allowed by the STIG. Any
    log files that meet or exceed the STIG requirements will not be modified.
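The difference between forcing ``0400`` and removing only the disallowed bits, as an added example that is not the role's own task. It assumes V-38498 caps audit log files at mode 0640; the function names and the sample files are constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: V-38498 permits audit log files at mode 0640 or less permissive.
MAX_MODE = 0o640


def tighten(path, max_mode=MAX_MODE):
    """Clear only the bits outside max_mode. Returns (old, new) or None if skipped."""
    st = os.lstat(path)                  # lstat: never follow a symlink out of the log dir
    if not stat.S_ISREG(st.st_mode):
        return None
    old = stat.S_IMODE(st.st_mode)
    new = old & max_mode                 # drops exec, group write, all "other", suid/sgid/sticky
    if new != old:                       # compliant files (0600, 0400, ...) are left untouched
        os.chmod(path, new)
    return old, new


def tighten_dir(directory, max_mode=MAX_MODE):
    """Apply tighten() to every regular file directly inside directory."""
    results = {}
    for name in sorted(os.listdir(directory)):
        outcome = tighten(os.path.join(directory, name), max_mode)
        if outcome is not None:
            results[name] = outcome
    return results


def demo():
    """Build constructed sample logs in a temp dir and return {name: (before, after)}."""
    samples = {"audit.log": 0o600, "audit.log.1": 0o400,
               "audit.log.2": 0o644, "audit.log.3": 0o750}
    with tempfile.TemporaryDirectory() as d:
        for name, mode in samples.items():
            path = os.path.join(d, name)
            open(path, "w").close()
            os.chmod(path, mode)
        tighten_dir(d)
        # Re-read the modes from disk so the result reflects what was really applied.
        return {n: (m, stat.S_IMODE(os.stat(os.path.join(d, n)).st_mode))
                for n, m in samples.items()}


if __name__ == "__main__":
    for name, (before, after) in demo().items():
        print(f"{name}: {before:04o} -> {after:04o}")
```

The active log at 0600 keeps its owner write bit, so the daemon can still write to it; only the 0644 and 0750 files are changed.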