NixOS systemd-journald directory must have a mode of 2755 or less permissive.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-268117 | SRG-OS-000057-GPOS-00027 | ANIX-00-000590 | SV-268117r1131034_rule | 2025-08-19 | 1 |
| Description |
|---|
| Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit records, audit settings, audit reports) needed to successfully audit NixOS system activity. |
| ℹ️ Check |
|---|
| Verify NixOS protects log information from unauthorized read access by implementing a mode of 2755 or less on the creation of log directories with the following command: $ sudo find /var/log/journal -type d -perm -2755 -not -perm 2755 -printf "%p %m\n" If any directories have a permission of greater than 2755, this is a finding. |
| ✔️ Fix |
|---|
| The systemd-journald directories are by design set to 2755 mode. If any directories are found with incorrect perms, correct them with the following command: $ sudo find /var/log/journal -type d -exec chmod 2755 {} \; |