Skip to content

Verify User Who Owns Backup group File

An XCCDF Rule

Description

To properly set the owner of /etc/group-, run the command:

$ sudo chown root /etc/group- 

Rationale

The /etc/group- file is a backup file of /etc/group, and as such, it contains information regarding groups that are configured on the system. Protection of this file is important for system security.

ID
xccdf_org.ssgproject.content_rule_file_owner_backup_etc_group
Severity
Medium
References
Updated



Remediation - Shell Script

chown 0 /etc/group-

Remediation - Ansible

- name: Test for existence /etc/group-
  stat:
    path: /etc/group-
  register: file_exists
  tags:
  - NIST-800-53-AC-6 (1)