Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update ntpd maxpoll to align with DISA #2252

Merged
merged 2 commits into from
Aug 16, 2017
Merged

update ntpd maxpoll to align with DISA #2252

merged 2 commits into from
Aug 16, 2017

Conversation

shawndwells
Copy link
Member

Original DISA drafts lowered the system default setting from 10 to 17. Apparently DISA quietly updated their value to align with system defaults. This PR adjusts SSG to match.

<fixtext fixref="F-78623r3_fix">Edit the "/etc/ntp.conf" file and add or update an entry to define "maxpoll" to "10" as follows:^M
^M
maxpoll 10^M
^M
If NTP was running and "maxpoll" was updated, the NTP service must be restarted:^M
^M
# systemctl restart ntpd^M
^M
If NTP was not running, it must be started:^M
^M
# systemctl start ntpd</fixtext>

@shawndwells
update ntpd maxpoll to align with DISA
2074ecc 
Original DISA drafts lowered the system default setting from 10 to 17. Apparently DISA quietly updated their value to align with system defaults. This PR adjusts  SSG to match.
@konstruktoid
Copy link
Contributor

Closes #1982

jan-cerny
jan-cerny reviewed Aug 15, 2017
View reviewed changes
shared/xccdf/services/ntp.xml Outdated
@@ -64,7 +64,7 @@ information on the capabilities and configuration of each of the NTP daemons.
<Value id="var_time_service_set_maxpoll" type="number" >
<title>Maximum NTP or Chrony Poll</title>
<description>The maximum NTP or Chrony poll interval number in seconds.</description>
<value selector="">17</value>
<value selector="">10</value>
<value selector="system_default">10</value>
<value selector="disa">17</value>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

disa selector is here

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@shawndwells need to change in both locations.

@shawndwells
update values for var_time_service_set_maxpoll
4d35618 
rename "disa" to "17_seconds"
@shawndwells
Copy link
Member Author

@redhatrises updated. the original value of "disa" wasn't selected in any profile, since disa matched the default value.

@redhatrises redhatrises self-assigned this Aug 16, 2017
@redhatrises redhatrises added the bugfix Fixes to reported bugs. label Aug 16, 2017
@redhatrises redhatrises added this to the 0.1.35 milestone Aug 16, 2017
@redhatrises
Copy link
Contributor

Ack.

@redhatrises redhatrises merged commit 77ed7e6 into ComplianceAsCode:master Aug 16, 2017
@redhatrises redhatrises mentioned this pull request Aug 16, 2017
Closed
@shawndwells shawndwells deleted the update-maxpoll branch August 16, 2017 17:02
@yuumasato yuumasato mentioned this pull request Aug 21, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@redhatrises redhatrises redhatrises left review comments

@jan-cerny jan-cerny jan-cerny left review comments

Assignees

@redhatrises redhatrises

Labels
bugfix Fixes to reported bugs.
Projects
None yet
Milestone
0.1.35
Development

Successfully merging this pull request may close these issues.
4 participants
@shawndwells @konstruktoid @redhatrises @jan-cerny