Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======2.2.1.3 Ensure chrony is configured (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== ''chrony'' is a daemon which implements the Network Time Protocol (NTP) is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on ''chrony'' can be found at http://chrony.tuxfamily.org/. ''chrony'' can be configured to be a client and/or a server. =====Rationale===== If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly. \\ \\ This recommendation only applies if chrony is in use on the system. =====Audit===== Run the following command and verify remote server is configured properly: <Code:bash> # grep "^server" /etc/chrony/chrony.conf server <remote-server> </Code> Multiple servers may be configured. \\ Run the following command and verify ''OPTIONS'' includes ''-u chrony'': <Code:bash> # grep ^OPTIONS /etc/sysconfig/chronyd OPTIONS="-u chrony" </Code> Additional options may be present. =====Remediation===== Add or edit server lines to ''/etc/chrony/chrony.conf'' as appropriate: <Code:bash> server <remote-server> </Code> Add or edit the ''OPTIONS'' in ''/etc/sysconfig/chronyd'' to include ''-u chrony'': <Code:bash> OPTIONS="-u chrony" </Code> centos7/2/2/1/3.txt Last modified: 2017/05/04 15:53by 127.0.0.1