diff --git a/linux_os/guide/system/permissions/files/permissions_local_var_log/bash/ubuntu.sh b/linux_os/guide/system/permissions/files/permissions_local_var_log/bash/ubuntu.sh
deleted file mode 100644
index 40358090d9b..00000000000
--- a/linux_os/guide/system/permissions/files/permissions_local_var_log/bash/ubuntu.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-# platform = multi_platform_ubuntu
-
-readarray -t files < <(find /var/log/ -type f)
-for file in "${files[@]}"; do
-    if basename $file | grep -qE '^.*$'; then
-        chmod 0640 $file
-    fi
-done
-
-if grep -qE "^f \/var\/log\/(btmp|wtmp|lastlog)? " /usr/lib/tmpfiles.d/var.conf; then
-    sed -i --follow-symlinks "s/\(^f[[:space:]]\+\/var\/log\/btmp[[:space:]]\+\)\(\([[:digit:]]\+\)[^ $]*\)/\10640/" /usr/lib/tmpfiles.d/var.conf
-    sed -i --follow-symlinks "s/\(^f[[:space:]]\+\/var\/log\/wtmp[[:space:]]\+\)\(\([[:digit:]]\+\)[^ $]*\)/\10640/" /usr/lib/tmpfiles.d/var.conf
-    sed -i --follow-symlinks "s/\(^f[[:space:]]\+\/var\/log\/lastlog[[:space:]]\+\)\(\([[:digit:]]\+\)[^ $]*\)/\10640/" /usr/lib/tmpfiles.d/var.conf
-fi
diff --git a/linux_os/guide/system/permissions/files/permissions_local_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_local_var_log/rule.yml
index 7701aa948aa..56400e75303 100644
--- a/linux_os/guide/system/permissions/files/permissions_local_var_log/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_local_var_log/rule.yml
@@ -56,8 +56,12 @@ template:
     name: file_permissions
     vars:
         excluded_files@sle15: ['*[bw]tmp', '*lastlog']
+        excluded_files@ubuntu2004: ['history.log', 'eipp.log.xz', '*[bw]tmp', '*lastlog']
+        excluded_files@ubuntu2204: ['history.log', 'eipp.log.xz', '*[bw]tmp', '*lastlog']
         file_regex: '.*'
         filemode: '0640'
         filepath: /var/log/
         recursive@sle12: 'true'
         recursive@sle15: 'true'
+        recursive@ubuntu2004: 'true'
+        recursive@ubuntu2204: 'true'