Major Hayden e124b39a80 V-38498: Audit log file permissions
Ubuntu's default (0400) is more strict than the STIG requirement (0640).
(Noted in docs)

Change-Id: I198cd6b4d5eac181e22f11c452247d6abacc2d85
2015-10-14 13:43:26 +00:00

378 B

Ubuntu 14.04 sets logs in /var/log/audit to mode 0400 by default, which makes sense because only the root user should be able to view the logs. No users should ever be adjusting or editing the audit logs.

The STIG requirement states that log files must have mode 0640 or less. The Ansible tasks in this role will set the mode to 0400 to match Ubuntu's default.