Task 4.4 changes owner/group for log files to root/utmp

[jvleminc]

Task 4.4 states "Ensure logrotate assigns appropriate permissions"

In the CIS document the following example is given:

Edit /etc/logrotate.conf and update the create line to read 0640 or more restrictive,
following local site policy

Example:
create 0640 root utmp

Even though this is just an example, the "root utmp" is copied literally into the task and this leads to new log files getting wrong groups, which consecuently leads to logs not being able to be written to these files.

# 4.4 Ensure logrotate assigns appropriate permissions
# It is important to ensure that log files have the correct permissions to ensure that sensitive data is archived and protected.
- name: 4.4 Ensure logrotate assigns appropriate permissions
  lineinfile:
    dest: /etc/logrotate.conf
    regexp: "^create"
    line: "create 0640 root utmp"

The correct way should be just changing the file permissions, without changing the already set owner/group, something like:

    path: /etc/logrotate.conf
   regexp: '^create (.*) (.*)$'
   line: 'create 0640 \2'
   backrefs: yes
   ```

[jvleminc]

@Sebastian-RG Can you fix this?