6.2.4.7 Ensure audit configuration files group owner is configured
Audit
Run the following command to verify that the audit configuration files are owned by the group root:
# find /etc/audit/ -type f \( -name '*.conf' -o -name '*.rules' \) ! -group root
Run the following command to change group to root:
# find /etc/audit/ -type f \( -name '*.conf' -o -name '*.rules' \) ! -group root -exec chgrp root {} +