QA Fixes

Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
2026-03-25 14:27:12 +00:00 · 2026-02-10 16:01:05 -05:00 · 2026-02-10 16:01:05 -05:00 · 11becb32c5
commit 11becb32c5
parent 2863be6c02
17 changed files with 132 additions and 58 deletions
--- a/templates/etc/chrony.conf.j2
+++ b/templates/etc/chrony.conf.j2
@ -11,17 +11,19 @@ driftfile /var/lib/chrony/drift

 # Allow the system clock to be stepped in the first three updates
 # if its offset is larger than 1 second.
-makestep 1.0 3
+makestep {{ rhel9cis_chrony_server_makestep }}

+{% if rhel9cis_chrony_server_rtcsync %}
 # Enable kernel synchronization of the real-time clock (RTC).
 rtcsync
+{% endif %}

 # Enable hardware timestamping on all interfaces that support it.
 #hwtimestamp *

 # Increase the minimum number of selectable sources required to adjust
 # the system clock.
-#minsources 2
+minsources {{ rhel9cis_chrony_server_minsources }}

 # Allow NTP client access from local network.
 #allow 192.168.0.0/16
--- a/templates/etc/security/pwquality.conf.d/50-pwroot.conf.j2
+++ b/templates/etc/security/pwquality.conf.d/50-pwroot.conf.j2
@ -1,3 +1,3 @@
 # CIS Configurations
-# 5.3.3.2.8 Ensure password quality is enforced for the root user
+# 5.3.3.2.7 Ensure password quality is enforced for the root user
 {{ rhel9cis_passwd_quality_enforce_root_value }}