search

ansible-lockdown / AMAZON2023-CIS

Ansible role for Amazon2023 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License
24 stars 19 forks source link

Task 2.1.2 was not implemented properly #20

Closed DianaMariaDDM closed 5 months ago

DianaMariaDDM commented 9 months ago

Describe the Issue The wrong file is getting edited for the implementation of this control.

Expected Behavior At the "Remediation" section of this rule CIS states that one should Add or edit server or pool lines to file ending in .conf in the /etc/chrony.d as appropriate.

Actual Behavior The task for this rule is trying to edit the configuration file from the "/etc" directory, which is close to, but not quite what CIS wants from this rule.

Control(s) Affected 2.1.2 Ensure chrony is configured

Environment (please complete the following information):

Additional Notes Anything additional goes here

Possible Solution This is a quick fix by simply modifying the existing path from /etc/chrony.conf to /etc/chrony.d/chrony.conf. This fix will be provided in a PR.

uk-bolly commented 5 months ago

hi @DianaMariaDDM

I am going thorugh and tidying up issues and PRs for Amazon2023, it appears alot of these are now completed and merged Please feel free to reopen any that you feel aren't working as expected.

Many thanks

uk-bolly