Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6259

allow for customizations to '/etc/chrony.conf' with the chronyd-client-only rule

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • compliance-operator
    • None
    • False
    • None
    • False
    • Not Selected

      Tested on: OpenShift version 4.13
      Any version of Compliance Operator

       

      openshift-compliance check "chronyd-client-only" states that the check should pass if:

      $ grep -w port /etc/chrony.conf
port 0

      However, after adding "port 0" to the machine config value, the check does not pass.

      sh-4.4# chroot /host
sh-5.1# grep -w port /etc/chrony.conf
port 0
sh-5.1#

       

      [root@b9d502b3e11d rhcos]# oc get ccr | grep chrony | grep client
bcbssc-rhcos4-high-canary-chronyd-client-only FAIL low

      The only way that we can get this check to PASS is to paste the exact value in the remediation which overrides any custom values.

              rh-ee-masimonm Maria Simon Marcos
              rhn-support-dtarabor Dennis Taraborelli
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: