|
 |
ff1465 |
commit ecedabee39e65415001ba59bf3c927329a10720f
|
|
|
ff1465 |
Author: Watson Sato <wsato@redhat.com>
|
|
|
ff1465 |
Date: Mon Feb 28 11:40:02 2022 +0100
|
|
|
ff1465 |
|
|
|
ff1465 |
Manual edited patch scap-security-guide-0.1.61-no_time_servers_chrony-PR_8187.patch.
|
|
|
ff1465 |
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/oval/shared.xml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/oval/shared.xml
|
|
|
ff1465 |
index a7b2a62..25a8589 100644
|
|
|
ff1465 |
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/oval/shared.xml
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/oval/shared.xml
|
|
|
ff1465 |
@@ -3,17 +3,25 @@
|
|
|
ff1465 |
{{{ oval_metadata("Configure the maxpoll setting in /etc/ntp.conf or chrony.conf
|
|
|
ff1465 |
to continuously poll the time source servers.") }}}
|
|
|
ff1465 |
<criteria operator="OR">
|
|
|
ff1465 |
- <criteria operator="AND">
|
|
|
ff1465 |
-
|
|
|
ff1465 |
- test_ref="test_ntp_set_maxpoll" />
|
|
|
ff1465 |
-
|
|
|
ff1465 |
- test_ref="test_ntp_all_server_has_maxpoll"/>
|
|
|
ff1465 |
+ <criteria operator="OR">
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_ntp_no_server"/>
|
|
|
ff1465 |
+ <criteria operator="AND">
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_ntp_set_maxpoll" />
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_ntp_all_server_has_maxpoll"/>
|
|
|
ff1465 |
+ </criteria>
|
|
|
ff1465 |
</criteria>
|
|
|
ff1465 |
- <criteria operator="AND">
|
|
|
ff1465 |
-
|
|
|
ff1465 |
- test_ref="test_chrony_set_maxpoll" />
|
|
|
ff1465 |
-
|
|
|
ff1465 |
- test_ref="test_chrony_all_server_has_maxpoll"/>
|
|
|
ff1465 |
+ <criteria operator="OR">
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_chrony_no_server_nor_pool"/>
|
|
|
ff1465 |
+ <criteria operator="AND">
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_chrony_set_maxpoll" />
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ test_ref="test_chrony_all_server_has_maxpoll"/>
|
|
|
ff1465 |
+ </criteria>
|
|
|
ff1465 |
</criteria>
|
|
|
ff1465 |
</criteria>
|
|
|
ff1465 |
</definition>
|
|
|
ff1465 |
@@ -77,4 +85,26 @@
|
|
|
ff1465 |
<ind:subexpression operation="pattern match" datatype="string">maxpoll \d+</ind:subexpression>
|
|
|
ff1465 |
</ind:textfilecontent54_state>
|
|
|
ff1465 |
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ comment="check if no server entries have server or pool set in /etc/chrony.conf"
|
|
|
ff1465 |
+ id="test_chrony_no_server_nor_pool" version="1">
|
|
|
ff1465 |
+ <ind:object object_ref="obj_chrony_no_server_nor_pool" />
|
|
|
ff1465 |
+ </ind:textfilecontent54_test>
|
|
|
ff1465 |
+ <ind:textfilecontent54_object id="obj_chrony_no_server_nor_pool" version="1">
|
|
|
ff1465 |
+ <ind:filepath operation="pattern match">^/etc/chrony\.(conf|d/.+\.conf)$</ind:filepath>
|
|
|
ff1465 |
+ <ind:pattern operation="pattern match">^(?:server|pool).*</ind:pattern>
|
|
|
ff1465 |
+ <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
|
|
|
ff1465 |
+ </ind:textfilecontent54_object>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ comment="check if all server entries have maxpoll set in /etc/ntp.conf"
|
|
|
ff1465 |
+ id="test_ntp_no_server" version="1">
|
|
|
ff1465 |
+ <ind:object object_ref="obj_ntp_no_server_nor_pool" />
|
|
|
ff1465 |
+ </ind:textfilecontent54_test>
|
|
|
ff1465 |
+ <ind:textfilecontent54_object id="obj_ntp_no_server_nor_pool" version="1">
|
|
|
ff1465 |
+ <ind:filepath>/etc/ntp.conf</ind:filepath>
|
|
|
ff1465 |
+ <ind:pattern operation="pattern match">^server.*</ind:pattern>
|
|
|
ff1465 |
+ <ind:instance operation="greater than or equal" datatype="int">1</ind:instance>
|
|
|
ff1465 |
+ </ind:textfilecontent54_object>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
</def-group>
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
|
|
|
ff1465 |
index 854e8e8..77af724 100644
|
|
|
ff1465 |
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
|
|
|
ff1465 |
@@ -11,6 +11,8 @@ description: |-
|
|
|
ff1465 |
<tt>maxpoll</tt> in <tt>/etc/ntp.conf</tt> or <tt>/etc/chrony.conf</tt>
|
|
|
ff1465 |
add the following:
|
|
|
ff1465 |
maxpoll {{{ xccdf_value("var_time_service_set_maxpoll") }}}
|
|
|
ff1465 |
+ If no <tt>server</tt> or <tt>pool</tt> directives are configured, the rule evaluates
|
|
|
ff1465 |
+ to pass.
|
|
|
ff1465 |
{{% if product == "rhcos4" %}}
|
|
|
ff1465 |
|
|
|
ff1465 |
Note that if the remediation shipping with this content is being used, the
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..bbae20f
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh
|
|
|
ff1465 |
@@ -0,0 +1,12 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+#
|
|
|
ff1465 |
+# profiles = xccdf_org.ssgproject.content_profile_stig
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+yum remove -y ntp
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+# Remove all pool and server options
|
|
|
ff1465 |
+sed -i "/^pool.*/d" /etc/chrony.conf
|
|
|
ff1465 |
+sed -i "/^server.*/d" /etc/chrony.conf
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+systemctl enable chronyd.service
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/oval/shared.xml b/linux_os/guide/services/ntp/chronyd_server_directive/oval/shared.xml
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..2244e60
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/oval/shared.xml
|
|
|
ff1465 |
@@ -0,0 +1,33 @@
|
|
|
ff1465 |
+<def-group>
|
|
|
ff1465 |
+ <definition class="compliance" id="{{{ rule_id }}}" version="1">
|
|
|
ff1465 |
+ {{{ oval_metadata("Ensure Chrony has time sources configured with server directive") }}}
|
|
|
ff1465 |
+ <criteria comment="chrony.conf only has server directive">
|
|
|
ff1465 |
+ <criterion test_ref="test_chronyd_server_directive_with_server" />
|
|
|
ff1465 |
+ <criterion test_ref="test_chronyd_server_directive_no_pool" />
|
|
|
ff1465 |
+ </criteria>
|
|
|
ff1465 |
+ </definition>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ comment="Ensure at least one time source is set with server directive" id="test_chronyd_server_directive_with_server"
|
|
|
ff1465 |
+ version="1">
|
|
|
ff1465 |
+ <ind:object object_ref="object_chronyd_server_directive" />
|
|
|
ff1465 |
+ </ind:textfilecontent54_test>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ id="object_chronyd_server_directive" version="1">
|
|
|
ff1465 |
+ <ind:filepath operation="pattern match">^/etc/chrony\.(conf|d/.+\.conf)$</ind:filepath>
|
|
|
ff1465 |
+ <ind:pattern operation="pattern match">^[\s]*server.*$</ind:pattern>
|
|
|
ff1465 |
+ <ind:instance datatype="int">1</ind:instance>
|
|
|
ff1465 |
+ </ind:textfilecontent54_object>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ comment="Ensure no time source is set with pool directive" id="test_chronyd_server_directive_no_pool"
|
|
|
ff1465 |
+ version="1">
|
|
|
ff1465 |
+ <ind:object object_ref="object_chronyd_no_pool_directive" />
|
|
|
ff1465 |
+ </ind:textfilecontent54_test>
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ id="object_chronyd_no_pool_directive" version="1">
|
|
|
ff1465 |
+ <ind:filepath operation="pattern match">^/etc/chrony\.(conf|d/.+\.conf)$</ind:filepath>
|
|
|
ff1465 |
+ <ind:pattern operation="pattern match">^[\s]+pool.*$</ind:pattern>
|
|
|
ff1465 |
+ <ind:instance datatype="int">1</ind:instance>
|
|
|
ff1465 |
+ </ind:textfilecontent54_object>
|
|
|
ff1465 |
+</def-group>
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..6dc24f1
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
|
|
|
ff1465 |
@@ -0,0 +1,32 @@
|
|
|
ff1465 |
+documentation_complete: true
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+title: 'Ensure Chrony is only configured with the server directive'
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+description: |-
|
|
|
ff1465 |
+ Check that Chrony only has time sources configured with the <tt>server</tt> directive.
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+rationale: |-
|
|
|
ff1465 |
+ Depending on the infrastruture being used the <tt>pool</tt> directive may not be supported.
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+severity: medium
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+platform: chrony
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+warnings:
|
|
|
ff1465 |
+ - general: This rule doesn't come with a remediation, the time source needs to be added by the adminstrator.
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+identifiers:
|
|
|
ff1465 |
+ cce@rhel8: CCE-86077-5
|
|
|
ff1465 |
+ cce@rhel9: CCE-87077-4
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+references:
|
|
|
ff1465 |
+ disa: CCI-001891
|
|
|
ff1465 |
+ srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146
|
|
|
ff1465 |
+ stigid@rhel8: RHEL-08-030740
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ocil_clause: 'a remote time server is not configured or configured with pool directive'
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+ocil: |-
|
|
|
ff1465 |
+ Run the following command and verify that time sources are only configure with <tt>server</tt> directive:
|
|
|
ff1465 |
+ # grep -E "^(server|pool)" /etc/chrony.conf
|
|
|
ff1465 |
+ A line with the appropriate server should be returned, any line returned starting with <tt>pool</tt> is a finding.
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..d1ba075
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh
|
|
|
ff1465 |
@@ -0,0 +1,6 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+# remediation = none
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+echo "" > /etc/chrony.conf
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..12a50eb
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh
|
|
|
ff1465 |
@@ -0,0 +1,6 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+# remediation = none
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+rm -f /etc/chrony.conf
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..bffa8b6
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh
|
|
|
ff1465 |
@@ -0,0 +1,7 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+# remediation = none
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+echo "some line" > /etc/chrony.conf
|
|
|
ff1465 |
+echo "another line" >> /etc/chrony.conf
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..5527f38
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh
|
|
|
ff1465 |
@@ -0,0 +1,8 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+# remediation = none
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+sed -i "^pool.*" /etc/chrony.conf
|
|
|
ff1465 |
+echo "server 0.pool.ntp.org" > /etc/chrony.conf
|
|
|
ff1465 |
+echo "server 1.pool.ntp.org" >> /etc/chrony.conf
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..616fe88
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh
|
|
|
ff1465 |
@@ -0,0 +1,9 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+# remediation = none
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+sed -i "^server.*" /etc/chrony.conf
|
|
|
ff1465 |
+if ! grep "^pool.*" /etc/chrony.conf; then
|
|
|
ff1465 |
+ echo "pool 0.pool.ntp.org" > /etc/chrony.conf
|
|
|
ff1465 |
+fi
|
|
|
ff1465 |
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh
|
|
|
ff1465 |
new file mode 100644
|
|
|
ff1465 |
index 0000000..21a70dc
|
|
|
ff1465 |
--- /dev/null
|
|
|
ff1465 |
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh
|
|
|
ff1465 |
@@ -0,0 +1,6 @@
|
|
|
ff1465 |
+#!/bin/bash
|
|
|
ff1465 |
+# packages = chrony
|
|
|
ff1465 |
+# platform = multi_platform_fedora,multi_platform_rhel
|
|
|
ff1465 |
+
|
|
|
ff1465 |
+sed -i "^pool.*" /etc/chrony.conf
|
|
|
ff1465 |
+echo "server 0.pool.ntp.org" > /etc/chrony.conf
|
|
|
ff1465 |
diff --git a/products/rhel8/profiles/stig.profile b/products/rhel8/profiles/stig.profile
|
|
|
ff1465 |
index 7e142a9..bfb3753 100644
|
|
|
ff1465 |
--- a/products/rhel8/profiles/stig.profile
|
|
|
ff1465 |
+++ b/products/rhel8/profiles/stig.profile
|
|
|
ff1465 |
@@ -910,6 +910,7 @@ selections:
|
|
|
ff1465 |
# RHEL-08-030740
|
|
|
ff1465 |
# remediation fails because default configuration file contains pool instead of server keyword
|
|
|
ff1465 |
- chronyd_or_ntpd_set_maxpoll
|
|
|
ff1465 |
+ - chronyd_server_directive
|
|
|
ff1465 |
|
|
|
ff1465 |
# RHEL-08-030741
|
|
|
ff1465 |
- chronyd_client_only
|
|
|
ff1465 |
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
|
|
|
ff1465 |
index 0584677..ec92589 100644
|
|
|
ff1465 |
--- a/shared/references/cce-redhat-avail.txt
|
|
|
ff1465 |
+++ b/shared/references/cce-redhat-avail.txt
|
|
|
ff1465 |
@@ -188,7 +188,6 @@ CCE-86073-4
|
|
|
ff1465 |
CCE-86074-2
|
|
|
ff1465 |
CCE-86075-9
|
|
|
ff1465 |
CCE-86076-7
|
|
|
ff1465 |
-CCE-86077-5
|
|
|
ff1465 |
CCE-86078-3
|
|
|
ff1465 |
CCE-86079-1
|
|
|
ff1465 |
CCE-86080-9
|
|
|
ff1465 |
@@ -1168,7 +1167,6 @@ CCE-87073-3
|
|
|
ff1465 |
CCE-87074-1
|
|
|
ff1465 |
CCE-87075-8
|
|
|
ff1465 |
CCE-87076-6
|
|
|
ff1465 |
-CCE-87077-4
|
|
|
ff1465 |
CCE-87078-2
|
|
|
ff1465 |
CCE-87079-0
|
|
|
ff1465 |
CCE-87080-8
|
|
|
ff1465 |
diff --git a/tests/data/profile_stability/rhel8/stig.profile b/tests/data/profile_stability/rhel8/stig.profile
|
|
|
ff1465 |
index 26391b9..2411f02 100644
|
|
|
ff1465 |
--- a/tests/data/profile_stability/rhel8/stig.profile
|
|
|
ff1465 |
+++ b/tests/data/profile_stability/rhel8/stig.profile
|
|
|
ff1465 |
@@ -154,6 +154,7 @@ selections:
|
|
|
ff1465 |
- chronyd_client_only
|
|
|
ff1465 |
- chronyd_no_chronyc_network
|
|
|
ff1465 |
- chronyd_or_ntpd_set_maxpoll
|
|
|
ff1465 |
+- chronyd_server_directive
|
|
|
ff1465 |
- clean_components_post_updating
|
|
|
ff1465 |
- configure_bashrc_exec_tmux
|
|
|
ff1465 |
- configure_bind_crypto_policy
|
|
|
ff1465 |
diff --git a/tests/data/profile_stability/rhel8/stig_gui.profile b/tests/data/profile_stability/rhel8/stig_gui.profile
|
|
|
ff1465 |
index 31a3264..f0a9601 100644
|
|
|
ff1465 |
--- a/tests/data/profile_stability/rhel8/stig_gui.profile
|
|
|
ff1465 |
+++ b/tests/data/profile_stability/rhel8/stig_gui.profile
|
|
|
ff1465 |
@@ -165,6 +165,7 @@ selections:
|
|
|
ff1465 |
- chronyd_client_only
|
|
|
ff1465 |
- chronyd_no_chronyc_network
|
|
|
ff1465 |
- chronyd_or_ntpd_set_maxpoll
|
|
|
ff1465 |
+- chronyd_server_directive
|
|
|
ff1465 |
- clean_components_post_updating
|
|
|
ff1465 |
- configure_bashrc_exec_tmux
|
|
|
ff1465 |
- configure_bind_crypto_policy
|