Implement 2.3.1.1 Ensure a single time synchronization daemon is in use

Complete rules 2.3.2.2 and 2.3.3.3

components/chrony.yml

@@ -17,3 +17,4 @@ rules:
 - chronyd_no_chronyc_network
 - chronyd_or_ntpd_specify_multiple_servers
 - chronyd_sync_clock
+- service_chronyd_disabled

components/systemd.yml

@@ -35,7 +35,8 @@ rules:
 - service_timesyncd_configured
 - service_timesyncd_root_distance_configured
 - service_timesyncd_enabled
+- service_timesyncd_disabled
 - socket_systemd-journal-remote_disabled
 - systemd_tmp_mount_enabled
 - systemd_journal_upload_server_tls
-- systemd_journal_upload_url
+- systemd_journal_upload_url

controls/cis_ubuntu2404.yml

@@ -939,12 +939,9 @@ controls:
     levels:
       - l1_server
       - l1_workstation
-    related_rules:
-      - package_chrony_installed
-      - package_ntp_installed
-      - package_timesyncd_installed
-    status: planned
-    notes: TODO. Partial/incorrect implementation exists.See related rules. Analogous to ubuntu2204/2.1.1.1.
+    rules:
+      - ntp_single_service_active
+    status: automated
 
   - id: 2.3.2.1
     title: Ensure systemd-timesyncd configured with authorized timeserver (Automated)

linux_os/guide/services/ntp/service_timesyncd_disabled/rule.yml

@@ -16,10 +16,10 @@ rationale: |-
 
 severity: medium
 
-platform: package[chrony] or package[ntp]
+platform: package[systemd-timesyncd]
 
 template:
     name: service_disabled
     vars:
         servicename: systemd-timesyncd
-        packagename: systemd
+        packagename: systemd-timesyncd

shared/applicability/package.yml

@@ -118,6 +118,8 @@ args:
     pkgname: sudo
   systemd:
     pkgname: systemd
+  systemd-timesyncd:
+    pkgname: systemd-timesyncd
   telnet-server:
     pkgname: telnet-server
   tftp-server: