Skip to content

Install the ntp service

An XCCDF Rule

Description

The ntpd service should be installed.

Rationale

Time synchronization (using NTP) is required by almost all network and administrative tasks (syslog, cryptographic based services (authentication, etc.), etc.). Ntpd is regulary maintained and updated, supporting security features such as RFC 5906.

ID
xccdf_org.ssgproject.content_rule_package_ntp_installed
Severity
High
References
Updated



Remediation - Anaconda Pre-Install Instructions


package --add=ntp

Remediation - OS Build Blueprint


[[packages]]
name = "ntp"
version = "*"

Remediation - Ansible

- name: Ensure ntp is installed
  package:
    name: ntp
    state: present
  when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
  tags:

Remediation - Puppet

include install_ntp

class install_ntp {
  package { 'ntp':
    ensure => 'installed',
  }

Remediation - Shell Script

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then

if ! rpm -q --quiet "ntp" ; then
    dnf install -y "ntp"
fi