Major Hayden 9363a17f0f V-38623: rsyslog file permissions
Implements: blueprint security-hardening

Change-Id: I168d588f3f1672c600f381ec47909819b122c412
2015-10-15 07:43:48 -05:00

328 B

Ubuntu sets the mode on rsyslog files to 0640 by default, but the STIG requires 0600 or less. The Ansible tasks will adjust the rsyslog configuration so that any new log files will have the mode set to 0600.

This will take effect the next time that log files are rotated with logrotate (configured in V-38624).