{"description": " To properly set the owner of <code>/etc/ipsec.d</code>, run the command:\n<pre>$ sudo chown root /etc/ipsec.d </pre>\n", "rationale": "The ownership of the /etc/ipsec.d directory by the root user is important\nbecause this directory hosts Libreswan configuration. Protection of this\nfile is critical for system security. Assigning the ownership to root\nensures exclusive control of the Libreswan configuration.", "severity": "medium", "references": {"anssi": ["R50"]}, "control_references": {"anssi": ["R50"]}, "components": [], "identifiers": {}, "ocil_clause": "/etc/ipsec.d does not have an owner of root", "ocil": "To check the ownership of <code>/etc/ipsec.d</code>,\nrun the command:\n<pre>$ ls -lL /etc/ipsec.d</pre>\nIf properly configured, the output should indicate the following owner:\n<code>root</code>", "oval_external_content": null, "fixtext": " Change the owner of the file /etc/ipsec.d to root by running the following command:\n$ sudo chown root /etc/ipsec.d", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/ipsec.d file must be owned by root.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[libreswan]", "platforms": ["package[libreswan]"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["package_libreswan"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Verify User Who Owns /etc/ipsec.d Directory", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-ipsec/directory_owner_etc_ipsecd/rule.yml", "template": {"name": "file_owner", "vars": {"filepath": "/etc/ipsec.d/", "uid_or_name": "0"}, "backends": {}}}