|
@@ -269,8 +269,8 @@ def test_ntp_software_installed(host):
|
|
|
Tests if NTP packages are installed.
|
|
|
"""
|
|
|
|
|
|
assert host.package('ntp').is_installed
|
|
|
assert host.package('ntpdate').is_installed
|
|
|
assert host.package('ntpsec').is_installed
|
|
|
assert host.package('ntpsec-ntpdate').is_installed
|
|
|
|
|
|
|
|
|
def test_ntp_server_configuration(host):
|
|
@@ -280,11 +280,17 @@ def test_ntp_server_configuration(host):
|
|
|
|
|
|
with host.sudo():
|
|
|
|
|
|
# Read the configuration file.
|
|
|
configuration = host.file("/etc/ntp.conf").content_string.split("\n")
|
|
|
# Check for presence of the configuration file.
|
|
|
configuration_file = host.file("/etc/ntpsec/ntp.conf")
|
|
|
|
|
|
# Extract only the relevant sections of files (exculde empty
|
|
|
assert configuration_file.exists
|
|
|
assert configuration_file.user == 'root'
|
|
|
assert configuration_file.group == 'root'
|
|
|
assert configuration_file.mode == 0o644
|
|
|
|
|
|
# Extract relevant sections of configuration (exclude empty
|
|
|
# lines and comments).
|
|
|
configuration = configuration_file.content_string.split("\n")
|
|
|
configuration = [c.strip() for c in configuration if re.match(r'^\s*(|#.*)$', c) is None]
|
|
|
|
|
|
# Ensure correct servers have been configured in the pool.
|
|
@@ -296,10 +302,9 @@ def test_ntp_server_configuration(host):
|
|
|
|
|
|
assert sorted(servers) == sorted(expected_servers)
|
|
|
|
|
|
# Ensure querying of server is disable for untrusted clients.
|
|
|
# Ensure querying of server is disabled for untrusted clients.
|
|
|
restrictions = [c for c in configuration if c.startswith('restrict')]
|
|
|
expected_restrictions = ["restrict -4 default kod notrap nomodify nopeer noquery",
|
|
|
"restrict -6 default kod notrap nomodify nopeer noquery",
|
|
|
expected_restrictions = ["restrict default kod nomodify nopeer noquery limited",
|
|
|
"restrict 127.0.0.1",
|
|
|
"restrict ::1"]
|
|
|
|