Ubuntu 22.04 This test makes sure that /sbin/auditctl, /sbin/aureport, /sbin/ausearch, /sbin/autrace, /sbin/auditd, /sbin/rsyslogd, /sbin/augenrules has mode 0755. If the target file or directory has an extended ACL, then it will fail the mode check. /sbin/auditctl exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_0_mode_0755or_stricter_ false false false false false /sbin/aureport exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_1_mode_0755or_stricter_ false false false false false /sbin/ausearch exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_2_mode_0755or_stricter_ false false false false false /sbin/autrace exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_3_mode_0755or_stricter_ false false false false false /sbin/auditd exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_4_mode_0755or_stricter_ false false false false false /sbin/rsyslogd exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_5_mode_0755or_stricter_ false false false false false /sbin/augenrules exclude_symlinks_file_audit_tools_permissions state_file_permissionsfile_audit_tools_permissions_6_mode_0755or_stricter_ false false false false false symbolic link