{"description": "If any files or directories are not group-owned by a valid defined group, the cause of the lack of\ngroup-ownership must be investigated. Following this, those files should be deleted or\nassigned to an appropriate group. The groups need to be defined in <tt>/etc/group</tt>\nor in <tt>/usr/lib/group</tt> if <tt>nss-altfiles</tt> are configured to be used\nin <tt>/etc/nsswitch.conf</tt>.\n\nLocate the mount points related to local devices by the following command:\n<pre>$ findmnt -n -l -k -it $(awk '/nodev/ { print $2 }' /proc/filesystems | paste -sd,)</pre>\n\nFor all mount points listed by the previous command, it is necessary to search for files and directories which\ndo not belong to a valid group using the following command:\n<pre>$ sudo find <i>MOUNTPOINT</i> -xdev -nogroup 2&gt;/dev/null</pre>", "rationale": "Unowned files and directories do not directly imply a security problem, but they are generally a sign that\nsomething is amiss. They may be caused by an intruder, by incorrect software installation or\ndraft software removal, or by failure to remove all files belonging to a deleted account, or\nother similar cases. The files and directories should be repaired so they will not cause problems when\naccounts are created in the future, and the cause should be discovered and addressed.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "files and directories exist that are not owned by a valid group", "ocil": "The following command will locate the mount points related to local devices:\n<pre>$ findmnt -n -l -k -it $(awk '/nodev/ { print $2 }' /proc/filesystems | paste -sd,)</pre>\n\nThe following command will show files and directories which do not belong to a valid group:\n<pre>$ sudo find <i>MOUNTPOINT</i> -xdev -nogroup 2&gt;/dev/null</pre>\n\nReplace <i>MOUNTPOINT</i> by the mount points listed by the fist command.\n\nNo files and directories without a valid group should be located.", "oval_external_content": null, "fixtext": "Either remove all files and directories from Ubuntu 22.04 that do not have a valid group, or assign a valid group to all files and directories on the system with the \"chgrp\" command:\n\n$ sudo chgrp", "checktext": "", "vuldiscussion": "", "srg_requirement": "All Ubuntu 22.04 local files and directories must have a valid group owner.", "warnings": [{"general": "This rule only considers local groups as valid groups.\nIf you have your groups defined outside <code>/etc/group</code> or <code>/usr/lib/group</code>, the rule won't consider those."}, {"general": "This rule can take a long time to perform the check and might consume a considerable\namount of resources depending on the number of files present on the system. It is not a\nproblem in most cases, but especially systems with a large number of files can be affected.\nSee <code>https://access.redhat.com/articles/6999111</code>."}], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Ensure All Files And Directories Are Owned by a Group", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/rule.yml", "template": null}