diff --git a/linux_os/guide/services/ntp/file_groupowner_etc_chrony_keys/oval/shared.xml b/linux_os/guide/services/ntp/file_groupowner_etc_chrony_keys/oval/shared.xml
new file mode 100644
index 00000000000..9c3a8f32ac6
--- /dev/null
+++ b/linux_os/guide/services/ntp/file_groupowner_etc_chrony_keys/oval/shared.xml
@@ -0,0 +1,72 @@
+
+
+
+ {{{ oval_metadata("/etc/chrony.keys should be owned by chrony group") }}}
+
+
+
+
+
+
+
+
+
+
+
+
+{{{ oval_test_nsswitch_uses_altfiles() }}}
+
+
+
+
+
+ /etc/chrony.keys
+ state_file_groupowner_etc_chrony_keys_uid_chrony
+ state_file_groupowner_etc_chrony_keys_gid_chrony
+
+
+ /etc/group
+ ^chrony:\w+:(\w+):.*
+ 1
+
+
+
+
+
+ symbolic link
+
+
+
+
+
+
+
+
+
+ /etc/chrony.keys
+ state_file_groupowner_etc_chrony_keys_uid_chrony
+ state_file_groupowner_etc_chrony_keys_gid_chrony_with_usrlib
+
+
+
+ object_file_groupowner_etc_chrony_keys_etc_group
+ object_file_groupowner_etc_chrony_keys_usr_lib_group
+
+
+
+ /usr/lib/group
+ ^chrony:\w+:(\w+):.*
+ 1
+
+
+
+
+
+
+
+
+
diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/oval/shared.xml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/oval/shared.xml
index 2abf8f046d9..9c7e307c69a 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/oval/shared.xml
+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/oval/shared.xml
@@ -92,22 +92,7 @@
state_file_permissions_ungroupowned_sysroot
-
-
-
-
-
-
- /etc/nsswitch.conf
- ^\s*group:\s+(.*)$
- 1
-
-
-
- altfiles
-
+{{{ oval_test_nsswitch_uses_altfiles() }}}
+
+
+
+
+ /etc/nsswitch.conf
+ ^\s*group:\s+(.*)$
+ 1
+
+
+ altfiles
+
+{{%- endmacro -%}}