
2.1.4.3 Ensure ntp is running as user ntp

Audit

IF ntp is in use on the system, run the following command to verify that the ntpd daemon is running as the user ntp:

# ps -ef | awk '(/[n]tpd/ && $1!="ntp") { print $1 }'

Nothing should be returned.

Run the following command to verify that RUNASUSER= is set to ntp in /etc/init.d/ntp:

# grep -P -- '^\h*RUNASUSER=' /etc/init.d/ntp
RUNASUSER=ntp
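
The two audit checks above combined into one pass/fail function, as an added example that is not part of the benchmark text. The function names, the temporary sample files and the sample `ps -ef` lines are assumptions constructed for illustration; the example also treats the last uncommented RUNASUSER= assignment as the effective one.

```shell
#!/bin/sh
# Added example: the two audit checks as functions. Inputs are passed in so the
# logic can be exercised on constructed samples as well as on a live host.

# Print every user other than "ntp" that owns an ntpd process.
# stdin: `ps -ef` output. The [n]tpd pattern is the page's own filter; it keeps
# the awk command line from matching itself on a live system.
ntpd_wrong_users() {
    awk '(/[n]tpd/ && $1 != "ntp") { print $1 }' | sort -u
}

# Print the effective RUNASUSER value from an init script ($1).
# The last uncommented assignment wins, as it would when the script runs.
runasuser_value() {
    sed -n 's/^[[:space:]]*RUNASUSER=//p' "$1" 2>/dev/null | tail -n 1 | tr -d "\"' \t"
}

# $1: file holding `ps -ef` output, $2: init script path. Returns 0 on pass.
audit_ntp_user() {
    rc=0
    offenders=$(ntpd_wrong_users < "$1" | tr '\n' ' ')
    value=$(runasuser_value "$2")
    if [ -n "$offenders" ]; then
        echo "FAIL: ntpd running as: $offenders"; rc=1
    fi
    if [ "$value" != "ntp" ]; then
        echo "FAIL: RUNASUSER is '$value' in $2"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "PASS"; fi
    return "$rc"
}

# Constructed samples (not taken from a real host).
SAMPLES=$(mktemp -d)
printf '%s\n' 'UID  PID PPID C STIME TTY TIME CMD' \
  'ntp  812 1 0 09:00 ? 00:00:01 /usr/sbin/ntpd -p /run/ntpd.pid -g -u 112:118' \
  > "$SAMPLES/ps_good"
printf '%s\n' 'UID  PID PPID C STIME TTY TIME CMD' \
  'root 812 1 0 09:00 ? 00:00:01 /usr/sbin/ntpd -p /run/ntpd.pid -g' \
  > "$SAMPLES/ps_bad"
printf '%s\n' '#RUNASUSER=root' '  RUNASUSER=ntp' > "$SAMPLES/init_good"
printf '%s\n' 'RUNASUSER=ntp' 'RUNASUSER=root' > "$SAMPLES/init_bad"

audit_ntp_user "$SAMPLES/ps_good" "$SAMPLES/init_good" || true   # PASS
audit_ntp_user "$SAMPLES/ps_bad" "$SAMPLES/init_bad" || true     # two FAIL lines
```

On a live host, capture `ps -ef` to a file and pass it with /etc/init.d/ntp as the second argument.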

Remediation

Add or edit the following line in /etc/init.d/ntp:

RUNASUSER=ntp

Run the following command to restart ntp.service:

# systemctl restart ntp.service

OR

If another time synchronization service is in use on the system, run the following command to remove ntp from the system:

# apt purge ntp

Default Value:

user ntp