Improve stability of timesyncd based remediation
Improve generating array of config files for timesyncd service
Improve the stability of the Ansible remediation Jinja code that gets the last element. In some cases the last element cannot be extracted directly and an issue like pallets/jinja#897 appears.
teacup-on-rockingchair committed Nov 5, 2023
1 parent 2c289dc commit 913e40b
Showing 3 changed files with 19 additions and 16 deletions.
Expand Up @@ -12,7 +12,7 @@

- name: {{{ rule_title }}} - Set Fallback NTP Servers
ansible.builtin.set_fact:
fallback_ntp_servers: '{{ var_multiple_time_servers.split(",") | slice(2)| last |
fallback_ntp_servers: '{{ var_multiple_time_servers.split(",") | slice(2)| list | last |
join(",") }}'

- name: {{{ rule_title }}} - Add missing / update wrong records for NTP servers
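Review bot: `slice(2)` on the changed line divides the list into two slices rather than taking the elements from index 2 onward, so `last` returns the second half of the servers. That matches the Bash remediation (first two preferred, the rest fallback) only for some list lengths; with five servers the split here is 3/2 instead of 2/3. A subscript slice avoids both the generator problem this commit works around and the length dependence: `fallback_ntp_servers: '{{ var_multiple_time_servers.split(",")[2:] | join(",") }}'`. The task that sets the preferred servers is outside the hunk and would presumably need the matching `[:2]`.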
Expand Up @@ -5,22 +5,23 @@
# disruption = low

{{{ bash_instantiate_variables("var_multiple_time_servers") }}}

IFS=',' read -r -a time_servers_array <<< "$var_multiple_time_servers"
preferred_ntp_servers_array=("${time_servers_array[@]:0:2}")
preferred_ntp_servers=$( echo "${preferred_ntp_servers_array[@]}"|sed -e 's/\s\+/,/g' )
fallback_ntp_servers_array=("${time_servers_array[@]:2}")
fallback_ntp_servers=$( echo "${fallback_ntp_servers_array[@]}"|sed -e 's/\s\+/,/g' )

IFS=" " mapfile -t current_cfg_arr < <(ls -1 /etc/systemd/timesyncd.d/* 2>/dev/null)
config_file="/etc/systemd/timesyncd.d/oscap-remedy.conf"
current_cfg_arr=( "/etc/systemd/timesyncd.conf" )
current_cfg_arr+=("$(ls /etc/systemd/timesyncd.d/*)")
current_cfg_arr+=( "/etc/systemd/timesyncd.conf" )
# Comment existing NTP FallbackNTP settings
for current_cfg in "${current_cfg_arr[@]}"
do
sed -i 's/^NTP/#&/g' "$current_cfg"
sed -i 's/^FallbackNTP/#&/g' "$current_cfg"
done
if [ ${#current_cfg_arr[@]} -ne 0 ]; then
for current_cfg in "${current_cfg_arr[@]}"
do
sed -i 's/^NTP/#&/g' "$current_cfg"
sed -i 's/^FallbackNTP/#&/g' "$current_cfg"
done
fi
# Set primary fallback NTP servers in drop-in configuration
echo "NTP=$preferred_ntp_servers" >> "$config_file"
echo "FallbackNTP=$fallback_ntp_servers" >> "$config_file"
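Review bot: The new `[ ${#current_cfg_arr[@]} -ne 0 ]` guard can never be false, because `/etc/systemd/timesyncd.conf` is appended unconditionally on the line before it, so `sed -i` still runs against that path when the file is absent. Reading `ls -1` output through `mapfile` also passes along whatever `ls` prints for a subdirectory of the drop-in directory, and the `IFS=" "` prefix has no effect on `mapfile`. Building the array from a glob and keeping only regular files removes these failure modes and makes the guard unnecessary. The same pattern is repeated in the RootDistanceMax script later in this commit.
```shell
config_file="/etc/systemd/timesyncd.d/oscap-remedy.conf"
current_cfg_arr=()
for candidate in /etc/systemd/timesyncd.d/* /etc/systemd/timesyncd.conf
do
    # An unmatched glob stays literal and is filtered out here, as are directories.
    if [ -f "$candidate" ]; then
        current_cfg_arr+=( "$candidate" )
    fi
done
# … unchanged: sed loop over current_cfg_arr, without the length guard …
```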
Expand Up @@ -5,12 +5,14 @@
# disruption = low

config_file="/etc/systemd/timesyncd.d/oscap-remedy.conf"
current_cfg_arr=( "/etc/systemd/timesyncd.conf" )
current_cfg_arr+=("$(ls /etc/systemd/timesyncd.d/*)")
# Comment existing NTP RootDistance settings
for current_cfg in "${current_cfg_arr[@]}"
do
sed -i 's/^RootDistanceMax/#&/g' "$current_cfg"
done
IFS=" " mapfile -t current_cfg_arr < <(ls -1 /etc/systemd/timesyncd.d/* 2>/dev/null)
current_cfg_arr+=( "/etc/systemd/timesyncd.conf" )
# Comment existing NTP FallbackNTP settings
if [ ${#current_cfg_arr[@]} -ne 0 ]; then
for current_cfg in "${current_cfg_arr[@]}"
do
sed -i 's/^RootDistanceMax/#&/g' "$current_cfg"
done
fi
# Set RootDistance in drop-in configuration
echo "RootDistanceMax=1" >> "$config_file"
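Review bot: The comment introduced above the loop, `# Comment existing NTP FallbackNTP settings`, appears to be copied from the NTP servers script, but this loop comments out `RootDistanceMax` lines; it should read `# Comment existing RootDistanceMax settings`. Separately, timesyncd.conf(5) names the key `RootDistanceMaxSec=`, so it is worth confirming that the `RootDistanceMax=1` line written at the end of this script is honoured by the daemon and matches what the rule's check expects.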
