Closed sblaisot closed 3 years ago
CIS benchmark states in §2.2.1.4 that ntp config should contain
restrict -4 default kod nomodify notrap nopeer noquery
However, debian's default config file has
restrict -4 default kod notrap nomodify nopeer noquery limited
Which is the exact same flags (with the addition of limited) but in a different order.
So debian default ntp configuration is compliant with this CIS rule but check fails.
This PR also validate NTP configuration with debian default flag order
CIS benchmark states in §2.2.1.4 that ntp config should contain
However, debian's default config file has
Which is the exact same flags (with the addition of limited) but in a different order.
So debian default ntp configuration is compliant with this CIS rule but check fails.
This PR also validate NTP configuration with debian default flag order