Incorrect error for "Verify Permissions on the system journal" (Ubuntu 22.04 STIG) #12555

Open
2 of 4 tasks
jaredledvina opened this issue Oct 30, 2024 · 0 comments


Description of problem:

The Verify Permissions on the system journal check for the Ubuntu 22.04 STIG ruleset is slightly off. The check at

checks for 0640 as the permissions. However, the fix text in v2r2 of the STIG states:

"Configure Ubuntu 22.04 LTS to set the appropriate permissions to the files and directories used by the systemd journal:

Add or modify the following lines in the "/etc/tmpfiles.d/systemd.conf" file:
z /run/log/journal 2750 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
z /var/log/journal 2750 root systemd-journal - -
z /var/log/journal/%m 2750 root systemd-journal - -
z /var/log/journal/%m/system.journal 0750 root systemd-journal - -

Restart the system for the changes to take effect."

Which explicitly sets /var/log/journal/%m/system.journal to 0750.

Details:

This content is not aligned with content from

The misalignment affects these profiles:

  • Ubuntu 22.04 DISA STIG

The misalignment affects these rules:

  • xccdf_org.ssgproject.content_rule_file_permissions_system_journal

Outcome:

  • This project's content can be improved:
    • Check needs to be improved.
    • Remediation needs to be improved.
  • The external content's check is faulty - the other party needs to be notified, they have work to do.

SCAP Security Guide Version: Unsure...where is this located?

External Content's Version: v2r2
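
The mismatch reported above, as an added example that is not part of the original issue or the project's own content: it parses the tmpfiles.d lines quoted from the STIG fix text and compares the mode set for `system.journal` with the 0640 value the issue says the check uses. The function names are hypothetical, the sample input is constructed from the quoted lines, and the comparison does not reproduce the project's actual check logic.

```python
import stat

# Constructed sample: the five tmpfiles.d lines quoted in the issue's STIG fix text.
STIG_FIX_TEXT = """\
z /run/log/journal 2750 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
z /var/log/journal 2750 root systemd-journal - -
z /var/log/journal/%m 2750 root systemd-journal - -
z /var/log/journal/%m/system.journal 0750 root systemd-journal - -
"""

CHECK_EXPECTED_MODE = 0o640  # value the issue says the rule's check looks for


def parse_tmpfiles(text):
    """Return {path: (mode_int, masked)} for each tmpfiles.d entry with a mode."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3 or fields[2] == "-":
            continue  # no mode column, or mode left at its default
        mode_field = fields[2]
        masked = mode_field.startswith("~")  # "~" masks the mode by existing bits
        entries[fields[1]] = (int(mode_field.lstrip("~:"), 8), masked)
    return entries


def compare(fix_mode, check_mode):
    """Describe how a file set to fix_mode looks to a check written for check_mode."""
    perm = stat.S_IMODE(fix_mode) & 0o777  # ignore setuid/setgid/sticky
    return {
        "exact_match": perm == check_mode,
        "extra_bits": perm & ~check_mode,    # bits the fix grants beyond the check
        "missing_bits": check_mode & ~perm,  # bits the check expects, fix omits
    }


def journal_mismatch(text=STIG_FIX_TEXT, check_mode=CHECK_EXPECTED_MODE):
    """Return (mode from the fix text, comparison against the check's mode)."""
    mode, _ = parse_tmpfiles(text)["/var/log/journal/%m/system.journal"]
    return mode, compare(mode, check_mode)


if __name__ == "__main__":
    mode, result = journal_mismatch()
    print(f"fix text {mode:04o} vs check {CHECK_EXPECTED_MODE:04o}: {result}")
```

A file remediated exactly as the quoted fix text directs carries the owner and group execute bits (0110) beyond 0640, so it fails a 0640 check whether that check compares for equality or for "no more permissive than".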
