Verify Group Who Owns The OpenShift Node Service File

Description

' To properly set the group owner of /etc/systemd/system/kubelet.service, run the command:

$ sudo chgrp root /etc/systemd/system/kubelet.service

'

Rationale

The /etc/systemd/system/kubelet.service file contains information about the configuration of the OpenShift node service that is configured on the system. Protection of this file is critical for OpenShift security.

ID: xccdf_org.ssgproject.content_rule_file_groupowner_worker_service
Severity: Medium
References: CIP-003-8 R6 CIP-004-6 R3 CIP-007-3 R6.1

CM-6 CM-6(1)

SRG-APP-000516-CTR-001325

4.1.2

CCE-83975-3
Updated: about 1 year ago