#!/usr/bin/env bash{output=""l_tsd=""l_sdtd=""chrony=""l_ntp=""dpkg-query-Wchrony>/dev/null2>&1&&l_chrony="y"dpkg-query-Wntp>/dev/null2>&1&&l_ntp="y"||l_ntp=""systemctllist-units--all--type=service|grep-q'systemdtimesyncd.service'&&systemctlis-enabledsystemd-timesyncd.service|grep-q'enabled'&&l_sdtd="y"# ! systemctl is-enabled systemd-timesyncd.service | grep -q 'enabled' && l_nsdtd="y" || l_nsdtd=""if[["$l_chrony"="y"&&"$l_ntp"!="y"&&"$l_sdtd"!="y"]];thenl_tsd="chrony"output="$output\n- chrony is in use on the system"elif[["$l_chrony"!="y"&&"$l_ntp"="y"&&"$l_sdtd"!="y"]];thenl_tsd="ntp"output="$output\n- ntp is in use on the system"elif[["$l_chrony"!="y"&&"$l_ntp"!="y"]];thenifsystemctllist-units--all--type=service|grep-q'systemdtimesyncd.service'&&systemctlis-enabledsystemd-timesyncd.service|grep-Eq'(enabled|disabled|masked)';thenl_tsd="sdtd"output="$output\n- systemd-timesyncd is in use on the system"fielse[["$l_chrony"="y"&&"$l_ntp"="y"]]&&output="$output\n- both chrony and ntp are in use on the system"[["$l_chrony"="y"&&"$l_sdtd"="y"]]&&output="$output\n- both chrony and systemd-timesyncd are in use on the system"[["$l_ntp"="y"&&"$l_sdtd"="y"]]&&output="$output\n- both ntp and systemd-timesyncd are in use on the system"fiif[-n"$l_tsd"];thenecho-e"\n- PASS:\n$output\n"elseecho-e"\n- FAIL:\n$output\n"fi}
NOTE: Follow the guidance in the subsection for the time synchronization daemon available on the system and skip the other two time synchronization daemon subsections.
On physical systems, and virtual systems where host based time synchronization is not available.
Select one of the three time synchronization daemons; chrony (1), systemd-timesyncd (2), or ntp (3), and following the remediation procedure for the selected daemon.
Note: enabling more than one synchronization daemon could lead to unexpected or unreliable results:
chrony
Run the following command to install chrony:
# apt install chrony
Run the following commands to stop and mask the systemd-timesyncd daemon: