{"description": "<tt>Chrony</tt> is a daemon which implements the Network Time Protocol (NTP). It is designed to\nsynchronize system clocks across a variety of systems and use a source that is highly\naccurate. More information on <tt>chrony</tt> can be found at\n\n    <a xmlns='http://www.w3.org/1999/xhtml' href='https://chrony-project.org/'>https://chrony-project.org/</a>.\n<tt>Chrony</tt> can be configured to be a client and/or a server.\nAdd or edit server or pool lines to <tt>/etc/chrony/chrony.conf</tt> as appropriate:\n<pre>server &lt;remote-server&gt;</pre>\nMultiple servers may be configured.", "rationale": "If <tt>chrony</tt> is in use on the system proper configuration is vital to ensuring time\nsynchronization is working properly.", "severity": "medium", "references": {"nist": ["CM-6(a)", "AU-8(1)(a)"], "pcidss": ["Req-10.4.3"], "anssi": ["R71"], "cis": ["2.3.3.1"], "ism": ["0988", "1405"]}, "control_references": {"anssi": ["R71"], "cis": ["2.3.3.1"], "ism": ["0988", "1405"]}, "components": [], "identifiers": {}, "ocil_clause": "a remote time server is not configured", "ocil": "Run the following command and verify remote servers are configured properly:\n<pre># grep -E \"^(server|pool)\" /etc/chrony/chrony.conf</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[chrony]", "platforms": ["package[chrony]"], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": ["package_chrony"], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Chrony Configure Pool and Server", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/ntp/chronyd_configure_pool_and_server/rule.yml", "template": null}