Hello.

I have several suggestions:

1) make an optional requires of server/client packages to ntpd, because
last could conflict with another NTP server/client (based to platform);

2) make an abstract NTP module to easy change basic operations (like
read/write configuration, time sync);

3) based on above each Linux distribution team can contribute easily
(e.g. from ALTLinux - openntpd ;-) );

4) Of course manual steps(not by installers) are error
prone(misconfiguration, wrong configuration, etc.).

But IPA controls NTP configuration upon installation only (not at
runtime or start time) as far as i know.

May be add time syncing check?


Thank you.



29.01.2018 17:57, Tibor Dudlák via FreeIPA-devel пишет:
>
>
> On Mon, Jan 29, 2018 at 3:09 PM, Simo Sorce <sso...@redhat.com
> <mailto:sso...@redhat.com>> wrote:
>
>     On Mon, 2018-01-29 at 14:54 +0100, Tibor Dudlák wrote:
>
>     [...]
>
>     > > > > So given the above we initially decided to make IPA
>     servers also ntp
>     > > > > servers and configure client to use IPA server as time
>     sources.
>     >
>     > Not configuring NTP service but still requiting it might be way
>     to give
>     > freedom of choice to IPA administrator to set one they prefer before
>     > installing IPA. :)
>
>     I think this is the worst of the possible outcomes, as now you need to
>     add one more manual step to the configuration of the system.
>     The point of ipa-server-install is to simplify installation and
>     configure everything that is *required* except the Operating System.
>     Requiring something and not installing it would be a net regression.
>
>     [...]
>
>     > So should we only replace ntpd with chronyd and have option to not
>     > configure NTP service (chronyd) as it is now if administrator
>     wants to use
>     > other than chronyd?
>
>     This is certainly an option, but we would then require to have
>     code for
>     both ntpd and chronyd upstream, because some older distros use NTP.
>     Not that this is too difficult, we already have the platform
>     absraction, so it is a simply a matter of adding chronyd w/o removing
>     ntpd.
>
>     HTH,
>     Simo.
>
>
> Thanks for input Simo.
>
> -- 
> Tibor Dudlák
> Identity management - freeIPA
> Brno, TPB-C, 2C407
> Red Hat
>
>
> _______________________________________________
> FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to