Uninstall the ntpdate package

An XCCDF Rule

Description

ntpdate is a historical ntp synchronization client for unixes. It sould be uninstalled.

Rationale

ntpdate is an old not security-compliant ntp client. It should be replaced by modern ntp clients such as ntpd, able to use cryptographic mechanisms integrated in NTP.

ID: xccdf_org.ssgproject.content_rule_package_ntpdate_removed
Severity: Low
Updated: about 1 year ago


package --remove=ntpdate

- name: Ensure ntpdate is removed
  package:
    name: ntpdate
    state: absent
  tags:
  - disable_strategy  - low_complexity
  - low_disruption
  - low_severity
  - no_reboot_needed
  - package_ntpdate_removed

include remove_ntpdate

class remove_ntpdate {
  package { 'ntpdate':
    ensure => 'purged',
  }}


# CAUTION: This remediation script will remove ntpdate
#	   from the system, and may remove any packages
#	   that depend on ntpdate. Execute this
#	   remediation AFTER testing on a non-production
#	   system!
if rpm -q --quiet "ntpdate" ; then

    yum remove -y "ntpdate"

fi

Uninstall the ntpdate package

Description

Rationale

Remediation - Anaconda Pre-Install Instructions

Remediation - Ansible

Remediation - Puppet

Remediation - Shell Script