{"description": " To properly set the owner of <code>/etc/chrony.keys</code>, run the command:\n<pre>$ sudo chown root /etc/chrony.keys </pre>\n", "rationale": "The ownership of the /etc/chrony.keys file by the chrony user is important\nbecause this file hosts chrony cryptographic keys. Protection\nof this file is critical for system security. Assigning the ownership to\nchrony ensures exclusive control of the chrony cryptographic keys.", "severity": "medium", "references": {"anssi": ["R50"]}, "control_references": {"anssi": ["R50"]}, "components": [], "identifiers": {}, "ocil_clause": "/etc/chrony.keys does not have an owner of root", "ocil": "To check the ownership of <code>/etc/chrony.keys</code>,\nrun the command:\n<pre>$ ls -lL /etc/chrony.keys</pre>\nIf properly configured, the output should indicate the following owner:\n<code>root</code>", "oval_external_content": null, "fixtext": " Change the owner of the file /etc/chrony.keys to root by running the following command:\n$ sudo chown root /etc/chrony.keys", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/chrony.keys file must be owned by root.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Verify User Who Owns /etc/chrony.keys File", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/ntp/file_owner_etc_chrony_keys/rule.yml", "template": {"name": "file_owner", "vars": {"filepath": "/etc/chrony.keys", "uid_or_name": "0"}, "backends": {}}}