Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / ntp / refs/heads/release/2018.11.0
commitd6a9d8db8e030db345a4c01881bfa14d5b43ffb0[log] [tgz]
authorDmitry Teselkin <dteselkin@mirantis.com>Thu Jul 05 11:33:45 2018 +0300
committerDmitry Teselkin <dteselkin@mirantis.com>Thu Aug 16 10:17:04 2018 +0000
treeb22be73b724b9171e5e1305205e3e17d5570a456
parent4015e5868676aa8959faf7a2b3cca1fbab4ef5ac [diff]
Fix CIS 2.2.1.2

Nessus requires that 'restrict' lines contain arguments in a specific order.

Non-compliant file(s)
---------------------
/etc/ntp.conf - regex '^[\s]*restrict[\s]+-4[\s][^:]' found
expect '^[\s]*restrict[\s]+-4[\s]+default[\s]+kod[\s]+nomodify[\s]+notrap[\s]+nopeer[\s]+noquery[\s]*$' not found in the following lines:
  15: restrict -4 default kod notrap nomodify nopeer noquery

Solution
--------
Add or edit restrict lines in /etc/ntp.conf to match the following:
  restrict -4 default kod nomodify notrap nopeer noquery
  restrict -6 default kod nomodify notrap nopeer noquery

Change-Id: Ie26b56d85c9e6aac1526f991c676e5cca75ef00d
1 file changed
tree: b22be73b724b9171e5e1305205e3e17d5570a456
  1. debian/
  2. metadata/
  3. ntp/
  4. tests/
  5. .gitignore
  6. .kitchen.yml
  7. .travis.yml
  8. CHANGELOG.rst
  9. LICENSE
  10. Makefile
  11. metadata.yml
  12. README.rst
  13. VERSION