ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/

Incorrect error for "Verify Permissions on the system journal" (Ubuntu 22.04 STIG) #12555

Open jaredledvina opened 3 weeks ago

jaredledvina commented 3 weeks ago

Description of problem:

The Verify Permissions on the system journal check for the Ubuntu 22.04 STIG ruleset is slightly off. The check at https://github.com/ComplianceAsCode/content/blob/21a4c72c55245b055fbf2d767beb7e7e704e37e7/linux_os/guide/system/logging/journald/file_permissions_system_journal/rule.yml#L66 checks for 0640 as the permissions. However, the fix text in v2r2 of the STIG states:

"Configure Ubuntu 22.04 LTS to set the appropriate permissions to the files and directories used by the systemd journal: 

Add or modify the following lines in the "/etc/tmpfiles.d/systemd.conf" file: 
z /run/log/journal 2750 root systemd-journal - - 
Z /run/log/journal/%m ~2750 root systemd-journal - - 
z /var/log/journal 2750 root systemd-journal - - 
z /var/log/journal/%m 2750 root systemd-journal - - 
z /var/log/journal/%m/system.journal 0750 root systemd-journal - - 

Restart the system for the changes to take effect."

Which explicitly sets /var/log/journal/%m/system.journal to 0750.

Details:

This content is not aligned with content from

The misalignment affects these profiles:

The misalignment affects these rules:

Outcome:

SCAP Security Guide Version: Unsure...where is this located?

External Content's Version: v2r2
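
The mismatch reported above can be reproduced offline by parsing the tmpfiles.d lines from the quoted fix text and comparing them with a configuration that uses 0640. This is an added example, not part of the issue or of the ComplianceAsCode code base; the names `parse_tmpfiles`, `compare` and `SAMPLE_CONF` are hypothetical, and the sample configuration is constructed.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "type mode masked user group")

# The five lines from the STIG v2r2 fix text quoted in the issue.
STIG_FIX_TEXT = """\
z /run/log/journal 2750 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
z /var/log/journal 2750 root systemd-journal - -
z /var/log/journal/%m 2750 root systemd-journal - -
z /var/log/journal/%m/system.journal 0750 root systemd-journal - -
"""

# Constructed sample: same file, but with the 0640 mode the rule checks for.
SAMPLE_CONF = STIG_FIX_TEXT.replace("system.journal 0750", "system.journal 0640")


def parse_tmpfiles(text):
    """Map path -> Entry for every tmpfiles.d line that sets an explicit mode."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 5 or fields[0].startswith("#") or fields[2] == "-":
            continue  # blank, comment, or no explicit mode/owner to compare
        typ, path, mode, user, group = fields[:5]
        # A "~" prefix masks the mode against the bits already on the file.
        masked = mode.startswith("~")
        entries[path] = Entry(typ, int(mode.lstrip("~"), 8), masked, user, group)
    return entries


def compare(expected_text, actual_text):
    """Return (path, expected_mode, actual_mode) for each missing or differing entry."""
    actual = parse_tmpfiles(actual_text)
    findings = []
    for path, exp in parse_tmpfiles(expected_text).items():
        act = actual.get(path)
        if act is None:
            findings.append((path, format(exp.mode, "04o"), None))
        elif (act.mode, act.user, act.group) != (exp.mode, exp.user, exp.group):
            findings.append((path, format(exp.mode, "04o"), format(act.mode, "04o")))
    return findings


if __name__ == "__main__":
    for path, want, got in compare(STIG_FIX_TEXT, SAMPLE_CONF):
        print(f"{path}: STIG fix text sets {want}, found {got}")
```

To check a real host, pass the contents of its `/etc/tmpfiles.d/systemd.conf` as the second argument to `compare`.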