From e8834e5e6ef0ef1d02f6679f9900fc06bb3e12ab Mon Sep 17 00:00:00 2001 From: mon-jenkins Date: Fri, 10 Feb 2023 17:20:06 +1100 Subject: [PATCH] TECHOPS-11798 fix chronyd remote server check --- tasks/level-1/2.1.1.3.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tasks/level-1/2.1.1.3.yml b/tasks/level-1/2.1.1.3.yml index 54e97d87..31d1f47a 100644 --- a/tasks/level-1/2.1.1.3.yml +++ b/tasks/level-1/2.1.1.3.yml @@ -4,15 +4,18 @@ # 2.1.1.3 Ensure chrony is configured - name: 2.1.1.3 verify a remote chrony server is configured - command: > - egrep -c '^(server|pool)' /etc/chrony.conf - register: line_matched + shell: "egrep --no-filename -Rc '^(server|pool)' /etc/chrony.conf /etc/chrony.d" + ignore_errors: true + register: lines_matched when: cis_enable_chrony and not cis_enable_ntp tags: - level-1 - "2.1.1.3" - scored +- set_fact: + matchCount: "{{ lines_matched.stdout_lines|map('int')|sum }}" + - fail: msg: No server or pool seems to be configured for Chrony. Please fix this as per item 2.1.1.3 of the benchmark, and re-run this play. - when: line_matched == "0" + when: matchCount == 0