{"description": " To properly set the group owner of <code>/etc/sudoers.d</code>, run the command:\n<pre>$ sudo chgrp root /etc/sudoers.d</pre>\n", "rationale": "The ownership of the /etc/sudoers.d directory by the root group is important\nbecause this directory hosts sudo configuration. Protection of this\ndirectory is critical for system security. Assigning the ownership to root\nensures exclusive control of the sudo configuration.", "severity": "medium", "references": {"anssi": ["R50"]}, "control_references": {"anssi": ["R50"]}, "components": [], "identifiers": {}, "ocil_clause": "/etc/sudoers.d does not have a group owner of\nroot\n", "ocil": "To check the group ownership of <code>/etc/sudoers.d</code>,\nrun the command:\n<pre>$ ls -lL /etc/sudoers.d</pre>\nIf properly configured, the output should indicate the following group-owner:\n\n  <code>root</code>\n  ", "oval_external_content": null, "fixtext": " Change the group of the file /etc/sudoers.d to root by running the following command:\n$ sudo chgrp root /etc/sudoers.d", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/sudoers.d file must be group-owned by root.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Verify Group Who Owns /etc/sudoers.d Directory", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/sudo/directory_groupowner_etc_sudoersd/rule.yml", "template": {"name": "file_groupowner", "vars": {"filepath": "/etc/sudoers.d/", "gid_or_name": "root"}, "backends": {}}}