NTP Patch Attribute

qsodji
Contributor

All,
I have built an NTP Patch check Attribute to identify computers not patched, and silently patch them automatically
https://jumpt.wordpress.com/2015/01/07/ntp-vulnerability-check-attribute-for-casper/

Feel free to comment and provide feedback
Cheers

1 ACCEPTED SOLUTION

qsodji
Contributor

@boettchs: Thank you for the feedback, I put in a better way to handle that, feel free to check it out.
@jjones:I saw your pull but please check out the updated version I put up.
Thank you both again.

View solution in original post

8 REPLIES 8

ericjboyd
Contributor

Got this as an error:

Traceback (most recent call last):
  File "./r.py", line 17, in <module>
    o = check.strip()
NameError: name 'check' is not defined

qsodji
Contributor

Thanks for the feedback, should be fixed now. Also the script will install the NTP patch if the mac is not patched

scottb
Honored Contributor

Just a point - I'm running 10.10.2 and when you have the 10.10.1 hardcoded in, you get this:

<result>No:OS is 10.10.2</result>

So you might want to handle the 10.10.x differently as it's still being updated, and at least so far, NTP fix is not in the 10.10.2 build.

If I change the code to 10.10.2, I get this:

<result>Yes</result>

*Edit: Thanks for writing this.

jjones
Contributor II

I've created a pull/merge request for the updated 10.10.2 version.

qsodji
Contributor

@boettchs: Thank you for the feedback, I put in a better way to handle that, feel free to check it out.
@jjones:I saw your pull but please check out the updated version I put up.
Thank you both again.

scottb
Honored Contributor

@qsodji: Thank you. It looks like this runs fine. My guess would be that NTP will be in 10.10.2+, but you never know with Apple. This should allow for that either way. Appreciate the help!

qsodji
Contributor

No worries, I am happy to be able to give back to the community.

qsodji
Contributor

I have updated the above script to also handle the new versions of ntpd.
As I am on 10.10.2 now, my ntpd version is ntp-92.10.1 which is above the version listed by apple in the white paper ntp-92.5.1.
Feedbacks are welcome!