Verify User Who Owns /var/log Directory

An XCCDF Rule

Description

To properly set the owner of /var/log, run the command:

$ sudo chown root /var/log

Rationale

The /var/log directory contains files with logs of error messages in the system and should only be accessed by authorized personnel.

ID: xccdf_org.ssgproject.content_rule_file_owner_var_log
Severity: Medium
References: CCI-001314

SRG-OS-000206-GPOS-00084

SRG-APP-000118-CTR-000240
Updated: about 1 year ago

find -H /var/log/ -maxdepth 1 -type d -exec chown 0 {} \;

- name: Ensure owner on directory /var/log/
  file:
    path: /var/log/
    state: directory
    owner: '0'
  tags:  - configure_strategy
  - file_owner_var_log
  - low_complexity
  - low_disruption
  - medium_severity
  - no_reboot_needed