Install the ntp service
An XCCDF Rule
Description
The ntpd service should be installed.
Rationale
Time synchronization (using NTP) is required by almost all network and administrative tasks (syslog, cryptographic based services (authentication, etc.), etc.). Ntpd is regulary maintained and updated, supporting security features such as RFC 5906.
- ID
- xccdf_org.ssgproject.content_rule_package_ntp_installed
- Severity
- High
- References
- Updated
Remediation - Anaconda Pre-Install Instructions
package --add=ntp
Remediation - OS Build Blueprint
[[packages]]
name = "ntp"
version = "*"
Remediation - Ansible
- name: Ensure ntp is installed
package:
name: ntp
state: present
when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
Remediation - Puppet
include install_ntp
class install_ntp {
package { 'ntp':
ensure => 'installed',
}
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
if ! rpm -q --quiet "ntp" ; then
dnf install -y "ntp"
fi