
6.2.4.10 Ensure audit tools group owner is configured

Audit

Run the following command to verify that the audit tools are owned by the group root:

# stat -Lc "%n %G" /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/augenrules | awk '$2 != "root" {print}'
Nothing should be returned.
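The one-line audit prints nothing on stdout when a tool is absent, because stat reports a missing path on stderr only. The script below is an added example, not part of the benchmark text: it runs the same stat -Lc check per file and reports missing tools explicitly. The helper name check_tool_group, the --run switch and the choice to treat a missing tool as a finding are assumptions of this example.

```shell
#!/bin/sh
# Added example: per-file group-ownership audit for the tools named in this check.
# check_tool_group is a hypothetical helper name chosen for this example.

AUDIT_TOOLS="/sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/augenrules"

# Usage: check_tool_group EXPECTED_GROUP PATH...
# Prints one line per finding. Returns 0 only if every path exists and is
# group-owned by EXPECTED_GROUP, 1 otherwise.
check_tool_group() {
    expected=$1
    shift
    rc=0
    for path in "$@"; do
        if [ ! -e "$path" ]; then
            # Reported explicitly; treating this as a finding is this
            # example's choice, not a statement from the benchmark.
            echo "MISSING $path"
            rc=1
            continue
        fi
        # -L follows symlinks, so the group of the real binary is checked
        # rather than the group of a link in /sbin.
        group=$(stat -Lc '%G' "$path") || { echo "ERROR $path"; rc=1; continue; }
        if [ "$group" != "$expected" ]; then
            echo "FAIL $path group=$group expected=$expected"
            rc=1
        fi
    done
    return $rc
}

# Check the real tools only when invoked as: sh script.sh --run
if [ "${1:-}" = "--run" ]; then
    # Word splitting of the path list is intentional here.
    # shellcheck disable=SC2086
    check_tool_group root $AUDIT_TOOLS && echo "PASS"
fi
```
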

Remediation

Run the following command to change group ownership to the group root:

# chgrp root /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/augenrules