chrony_conf resource
Use the chrony_conf Chef InSpec audit resource to test the synchronization settings defined in the chrony.conf file. This file is typically located at /etc/chrony.conf.
Availability
Installation
This resource is distributed along with Chef InSpec itself. You can use it automatically.
Syntax
An chrony_conf resource block declares the synchronization settings that should be tested:
describe chrony_conf('PATH') do
its('setting_name') { should eq 'VALUE' }
end
where:
-
'setting_name'is a synchronization setting defined in thechrony.conffile. -
('path')is the non-default path to thechrony.conffile (default path is/etc/chrony.conf). -
{ should eq 'value' }is the value that is expected.
Examples
The following examples show how to use this Chef InSpec audit resource.
This resource matches any service listed in the chrony.conf file.
Test for clock drift against named servers
describe chrony_conf do
its('driftfile') { should cmp '/var/lib/chrony/drift' }
its('server') do
should cmp [
'0.ubuntu.pool.ntp.org',
'1.ubuntu.pool.ntp.org',
'2.ubuntu.pool.ntp.org'
]
end
end
Test that an NTP server exists and a specific subnet is specified from which NTP clients are accessible
describe chrony_conf do
its('server') { should_not eq nil }
its('allow') { should include '192.168.0.0/16'}
end
Matchers
For a full list of available matchers, please visit our matchers page.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/chrony_conf/
