Use the chrony_conf Chef InSpec audit resource to test the synchronization settings defined in the chrony.conf file. This file is typically located at /etc/chrony.conf.
This resource is distributed along with Chef InSpec itself. You can use it automatically.
An chrony_conf resource block declares the synchronization settings that should be tested:
describe chrony_conf('PATH') do
its('setting_name') { should eq 'VALUE' }
end
where:
'setting_name' is a synchronization setting defined in the chrony.conf file.('path') is the non-default path to the chrony.conf file (default path is /etc/chrony.conf).{ should eq 'value' } is the value that is expected.The following examples show how to use this Chef InSpec audit resource.
This resource matches any service listed in the chrony.conf file.
describe chrony_conf do
its('driftfile') { should cmp '/var/lib/chrony/drift' }
its('server') do
should cmp [
'0.ubuntu.pool.ntp.org',
'1.ubuntu.pool.ntp.org',
'2.ubuntu.pool.ntp.org'
]
end
end
describe chrony_conf do
its('server') { should_not eq nil }
its('allow') { should include '192.168.0.0/16'}
end
For a full list of available matchers, please visit our matchers page.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/chrony_conf/