Instead of replacing the files altogether parse them and add only the options we care about.
For ntp.conf those are the server related options. For sysconfig/ntpd we care of adding just -x and -g if missing Simo. -- Simo Sorce * Red Hat, Inc * New York
>From d388c26474d69873f390a550570298e13ca4fb3c Mon Sep 17 00:00:00 2001 From: Simo Sorce <sso...@redhat.com> Date: Thu, 14 Oct 2010 10:52:58 -0400 Subject: [PATCH] ntpdinstance: Do not replace the config files, just add needed options --- install/share/Makefile.am | 2 - install/share/ntp.conf.server.template | 50 ----------------- install/share/ntpd.sysconfig.template | 8 --- ipaserver/install/ntpinstance.py | 95 +++++++++++++++++++++++++++----- 4 files changed, 80 insertions(+), 75 deletions(-) delete mode 100644 install/share/ntp.conf.server.template delete mode 100644 install/share/ntpd.sysconfig.template diff --git a/install/share/Makefile.am b/install/share/Makefile.am index 9efb75a..18cc766 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -27,8 +27,6 @@ app_DATA = \ krb5.ini.template \ krb.con.template \ krbrealm.con.template \ - ntp.conf.server.template \ - ntpd.sysconfig.template \ preferences.html.template \ referint-conf.ldif \ dna-posix.ldif \ diff --git a/install/share/ntp.conf.server.template b/install/share/ntp.conf.server.template deleted file mode 100644 index 09149df..0000000 --- a/install/share/ntp.conf.server.template +++ /dev/null @@ -1,50 +0,0 @@ -# Permit time synchronization with our time source, but do not -# permit the source to query or modify the service on this system. -restrict default kod nomodify notrap -restrict -6 default kod nomodify notrap - -# Permit all access over the loopback interface. This could -# be tightened as well, but to do so would effect some of -# the administrative functions. -restrict 127.0.0.1 -restrict -6 ::1 - -# Hosts on local network are less restricted. -#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap - -# Use public servers from the pool.ntp.org project. -# Please consider joining the pool (http://www.pool.ntp.org/join.html). -server $SERVERA -server $SERVERB -server $SERVERC - -#broadcast 192.168.1.255 key 42 # broadcast server -#broadcastclient # broadcast client -#broadcast 224.0.1.1 key 42 # multicast server -#multicastclient 224.0.1.1 # multicast client -#manycastserver 239.255.254.254 # manycast server -#manycastclient 239.255.254.254 key 42 # manycast client - -# Undisciplined Local Clock. This is a fake driver intended for backup -# and when no outside source of synchronized time is available. -server 127.127.1.0 # local clock -#fudge 127.127.1.0 stratum 10 - -# Drift file. Put this in a directory which the daemon can write to. -# No symbolic links allowed, either, since the daemon updates the file -# by creating a temporary in the same directory and then rename()'ing -# it to the file. -driftfile /var/lib/ntp/drift - -# Key file containing the keys and key identifiers used when operating -# with symmetric key cryptography. -keys /etc/ntp/keys - -# Specify the key identifiers which are trusted. -#trustedkey 4 8 42 - -# Specify the key identifier to use with the ntpdc utility. -#requestkey 8 - -# Specify the key identifier to use with the ntpq utility. -#controlkey 8 diff --git a/install/share/ntpd.sysconfig.template b/install/share/ntpd.sysconfig.template deleted file mode 100644 index 3412a0e..0000000 --- a/install/share/ntpd.sysconfig.template +++ /dev/null @@ -1,8 +0,0 @@ -# Drop root to id 'ntp:ntp' by default. -OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid" - -# Set to 'yes' to sync hw clock after successful ntpdate -SYNC_HWCLOCK=yes - -# Additional options for ntpdate -NTPDATE_OPTIONS="" diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py index 320522d..5132d89 100644 --- a/ipaserver/install/ntpinstance.py +++ b/ipaserver/install/ntpinstance.py @@ -18,6 +18,7 @@ # import logging +import string import service from ipapython import sysrestore @@ -33,8 +34,10 @@ class NTPInstance(service.Service): self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore') def __write_config(self): - # The template sets the config to point towards ntp.pool.org, but - # they request that software not point towards the default pool. + + self.fstore.backup_file("/etc/ntp.conf") + self.fstore.backup_file("/etc/sysconfig/ntpd") + # We use the OS variable to point it towards either the rhel # or fedora pools. Other distros should be added in the future # or we can get our own pool. @@ -44,24 +47,86 @@ class NTPInstance(service.Service): elif ipautil.file_exists("/etc/redhat-release"): os = "rhel" - sub_dict = { } - sub_dict["SERVERA"] = "0.%s.pool.ntp.org" % os - sub_dict["SERVERB"] = "1.%s.pool.ntp.org" % os - sub_dict["SERVERC"] = "2.%s.pool.ntp.org" % os - - ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", sub_dict) - ntp_sysconf = ipautil.template_file(ipautil.SHARE_DIR + "ntpd.sysconfig.template", {}) - - self.fstore.backup_file("/etc/ntp.conf") - self.fstore.backup_file("/etc/sysconfig/ntpd") - - fd = open("/etc/ntp.conf", "w") - fd.write(ntp_conf) - fd.close() - - fd = open("/etc/sysconfig/ntpd", "w") - fd.write(ntp_sysconf) + srv_vals = [] + srv_vals.append("0.%s.pool.ntp.org" % os) + srv_vals.append("1.%s.pool.ntp.org" % os) + srv_vals.append("2.%s.pool.ntp.org" % os) + srv_vals.append("127.127.1.0") + fudge = ["fudge", "127.127.1.0", "stratum", "10"] + + #read in memory, change it, then overwrite file + file_changed = False + fudge_present = False + ntpconf = [] + fd = open("/etc/ntp.conf", "r") + for line in fd: + opt = string.split(line, " ") + if opt[0] == "server": + match = 0 + for srv in srv_vals: + if opt[1] == srv: + match = 1 + break + if match == 0: + file_changed = True + line = "" + else: + srv_vals.remove(srv) + + elif opt[0] == "fudge": + if opt == fudge: + file_changed = True + line = "" + else: + fudge_present = True + + ntpconf.append(line) + + if file_changed or len(srv_vals) != 0 or not fudge_present: + fd = open("/etc/ntp.conf", "w") + for line in ntpconf: + fd.write(line) + fd.write("\n### Added by IPA Installer ###\n") + if len(srv_vals) != 0: + for srv in srv_vals: + fd.write("server "+srv+"\n") + if fudge_present == 0: + fd.write("fudge 127.127.1.0 stratum 10\n") + fd.close() + + #read in memory, find OPTIONS, check/change it, then overwrite file + file_changed = False + found_options = False + ntpdsysc = [] + fd = open("/etc/sysconfig/ntpd", "r") + for line in fd: + sline = string.strip(line) + if string.find(sline, "OPTIONS") == 0: + found_options = True + opts = string.split(sline, "=", 1) + if len(opts) != 2: + optvals="" + else: + optvals = string.strip(opts[1], ' "') + if string.find(optvals, "-x") == -1: + optvals += " -x" + file_changed = True + if string.find(optvals, "-g") == -1: + optvals += " -g" + file_changed = True + if file_changed: + line = 'OPTIONS="'+optvals+'"\n' + ntpdsysc.append(line) fd.close() + if not found_options: + ntpdsysc.insert(0, 'OPTIONS="-x -g"\n') + file_changed = True + + if file_changed: + fd = open("/etc/sysconfig/ntpd", "w") + for line in ntpdsysc: + fd.write(line) + fd.close() def __stop(self): self.backup_state("running", self.is_running()) -- 1.7.2.3
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
