e124b39a80
Ubuntu's default (0400) is more strict than the STIG requirement (0640). (Noted in docs) Change-Id: I198cd6b4d5eac181e22f11c452247d6abacc2d85
378 B
378 B
Ubuntu 14.04 sets logs in /var/log/audit to mode
0400 by default, which makes sense because only the root
user should be able to view the logs. No users should ever be adjusting
or editing the audit logs.
The STIG requirement states that log files must have mode
0640 or less. The Ansible tasks in this role will set the
mode to 0400 to match Ubuntu's default.