Skip to main content
Solved

NTP Patch Attribute


Forum|alt.badge.img+7

All,
I have built an NTP Patch check Attribute to identify computers not patched, and silently patch them automatically
https://jumpt.wordpress.com/2015/01/07/ntp-vulnerability-check-attribute-for-casper/

Feel free to comment and provide feedback
Cheers

Best answer by qsodji

@boettchs: Thank you for the feedback, I put in a better way to handle that, feel free to check it out.
@jjones:I saw your pull but please check out the updated version I put up.
Thank you both again.

View original
Did this topic help you find an answer to your question?

8 replies

ericjboyd
Forum|alt.badge.img+6
  • Contributor
  • 59 replies
  • January 6, 2015

Got this as an error:

Traceback (most recent call last):
  File "./r.py", line 17, in <module>
    o = check.strip()
NameError: name 'check' is not defined

Forum|alt.badge.img+7
  • Author
  • Contributor
  • 40 replies
  • January 6, 2015

Thanks for the feedback, should be fixed now. Also the script will install the NTP patch if the mac is not patched


scottb
Forum|alt.badge.img+18
  • Valued Contributor
  • 1285 replies
  • January 7, 2015

Just a point - I'm running 10.10.2 and when you have the 10.10.1 hardcoded in, you get this:

<result>No:OS is 10.10.2</result>

So you might want to handle the 10.10.x differently as it's still being updated, and at least so far, NTP fix is not in the 10.10.2 build.

If I change the code to 10.10.2, I get this:

<result>Yes</result>

*Edit: Thanks for writing this.


Forum|alt.badge.img+7
  • Contributor
  • 97 replies
  • January 7, 2015

I've created a pull/merge request for the updated 10.10.2 version.


Forum|alt.badge.img+7
  • Author
  • Contributor
  • 40 replies
  • Answer
  • January 7, 2015

@boettchs: Thank you for the feedback, I put in a better way to handle that, feel free to check it out.
@jjones:I saw your pull but please check out the updated version I put up.
Thank you both again.


scottb
Forum|alt.badge.img+18
  • Valued Contributor
  • 1285 replies
  • January 7, 2015

@qsodji: Thank you. It looks like this runs fine. My guess would be that NTP will be in 10.10.2+, but you never know with Apple. This should allow for that either way. Appreciate the help!


Forum|alt.badge.img+7
  • Author
  • Contributor
  • 40 replies
  • January 7, 2015

No worries, I am happy to be able to give back to the community.


Forum|alt.badge.img+7
  • Author
  • Contributor
  • 40 replies
  • January 29, 2015

I have updated the above script to also handle the new versions of ntpd.
As I am on 10.10.2 now, my ntpd version is ntp-92.10.1 which is above the version listed by apple in the white paper ntp-92.5.1.
Feedbacks are welcome!


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings