Ensure real-time clock is set to UTC

An XCCDF Rule

Description

Ensure that the system real-time clock (RTC) is set to Coordinated Universal Time (UTC).

Rationale

If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the operating system include date and time. Time is commonly expressed in UTC, a modern continuation of GMT, or local time with an offset from UTC.

ID: xccdf_org.ssgproject.content_rule_ensure_rtc_utc_configuration
Severity: High
References: CCI-001890

AU-8(b)

SRG-OS-000359-GPOS-00146

SLES-12-030310

CCE-83197-4

SV-217282r877383_rule
Updated: about 1 year ago

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then

if timedatectl status | grep -i "time zone" | grep -iv 'UTC\|GMT'; then
    timedatectl set-timezone UTC
fi
else
    >&2 echo 'Remediation is not applicable, nothing was done'
fi

- name: Check 'UTC' timezone is set
  shell: |
    set -o pipefail
    timedatectl status | grep -i 'Time zone'| grep -iv 'UTC\|GMT' || true
  register: check_tz
  failed_when: check_tz.rc not in [ 0 , 1 ]  when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
  tags:
  - CCE-83197-4
  - DISA-STIG-SLES-12-030310
  - NIST-800-53-AU-8(b)
  - ensure_rtc_utc_configuration
  - high_severity

- name: Configure OS to use 'UTC' timezone
  command: timedatectl set-timezone UTC
  become: true
  when:
  - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
  - check_tz.rc == 0
  tags:
  - CCE-83197-4
  - DISA-STIG-SLES-12-030310
  - NIST-800-53-AU-8(b)
  - ensure_rtc_utc_configuration
  - high_severity

Ensure real-time clock is set to UTC

Description

Rationale

Remediation - Shell Script

Remediation - Ansible