On 03/30/2015 12:38 PM, Martin Babinsky wrote:
On 03/26/2015 01:14 PM, Martin Kosek wrote:
On 03/25/2015 04:18 PM, Jan Cholasta wrote:
Hi,

Dne 25.3.2015 v 15:26 Martin Babinsky napsal(a):
The attached patch related to
https://fedorahosted.org/freeipa/ticket/4931

Please make sure <https://fedorahosted.org/freeipa/ticket/3048> stays
fixed.


It is certainly not a final solution, more of an initial "hack" of
sorts
just to gather some suggestions, since I am not even sure if this is
the
right thing to do.

The reporter from bugzilla suggests to enable debugging of ALL commands
called through ipautil.run(), but I think that fixing all cca 157 found
usages of run() is too much work with a quite small benefit.

Anyway I would welcome some opinions about this: should the external
commands really inherit the debug settings of ipa-* utilities, and if
so, is the method showed in this patch the right way to do it?

I am not a fan of this method, ipautil.run does not know anything
about the
command it runs and I think it should stay that way.

I would prefer to have an ipautil.run wrapper with debug flag using
appropriate
debugging option for each command where we need to conditionally enable
debugging. Or just add the debugging option unconditionally to every
command
where it could be useful.

+1, I do not like this change to ipautil.run either. It should be sole
responsibility of the caller to specify the right combinations of
options,
including debug option, where applicable.

Attaching updated patch.



Reviving this patch from the dead. Attaching rebased version for master branch and ipa-4-1.

--
Martin^3 Babinsky
From 5c2883cda1ef56dfa62f7a76469a2bb1f07e51e1 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Mon, 30 Mar 2015 12:29:04 +0200
Subject: [PATCH] enable debugging of ntpd during client installation

When installing IPA client in debug mode, the ntpd command spawned during
initial time-sync with master KDC will also run in debug mode.

https://fedorahosted.org/freeipa/ticket/4931
---
 ipa-client/ipa-install/ipa-client-install | 5 +++--
 ipa-client/ipaclient/ntpconf.py           | 7 +++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index a1564583ca2d461413da7ea5929b91851cd3f3e1..96b30b486585bc60b0882263cff58292a3538df9 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -2388,12 +2388,13 @@ def install(options, env, fstore, statestore):
             ntp_servers = options.ntp_servers
 
         for s in ntp_servers:
-            synced_ntp = ipaclient.ntpconf.synconce_ntp(s)
+            synced_ntp = ipaclient.ntpconf.synconce_ntp(s, options.debug)
             if synced_ntp:
                 break
 
         if not synced_ntp and not options.ntp_servers:
-            synced_ntp = ipaclient.ntpconf.synconce_ntp(cli_server[0])
+            synced_ntp = ipaclient.ntpconf.synconce_ntp(cli_server[0],
+                                                        options.debug)
         if not synced_ntp:
             root_logger.warning("Unable to sync time with NTP " +
                 "server, assuming the time is in sync. Please check " +
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index c22fba401d33009b3b95d1418dc7c8a03328d569..9a7db6544b54288569dc7699e67ddc865bb88db4 100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -137,7 +137,7 @@ def config_ntp(ntp_servers, fstore = None, sysstore = None):
     services.knownservices.ntpd.restart()
 
 
-def synconce_ntp(server_fqdn):
+def synconce_ntp(server_fqdn, debug=False):
     """
     Syncs time with specified server using ntpd.
     Primarily designed to be used before Kerberos setup
@@ -150,13 +150,16 @@ def synconce_ntp(server_fqdn):
         return False
 
     tmp_ntp_conf = ipautil.write_tmp_file('server %s' % server_fqdn)
+    args = [ntpd, '-qgc', tmp_ntp_conf.name]
+    if debug:
+        args.append('-d')
     try:
         # The ntpd command will never exit if it is unable to reach the
         # server, so timeout after 15 seconds.
         timeout = 15
         root_logger.info('Attempting to sync time using ntpd.  '
                          'Will timeout after %d seconds' % timeout)
-        ipautil.run([ntpd, '-qgc', tmp_ntp_conf.name], timeout=timeout)
+        ipautil.run(args, timeout=timeout)
         return True
     except ipautil.CalledProcessError:
         return False
-- 
2.4.3

From 60a247f4e7eb8cdb75d31c326432a887e2c37d63 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Mon, 30 Mar 2015 12:29:04 +0200
Subject: [PATCH] enable debugging of ntpd during client installation

When installing IPA client in debug mode, the ntpd command spawned during
initial time-sync with master KDC will also run in debug mode.

https://fedorahosted.org/freeipa/ticket/4931
---
 ipa-client/ipa-install/ipa-client-install | 5 +++--
 ipa-client/ipaclient/ntpconf.py           | 7 +++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index e0de79402f31562384f723a018a4f205916a024f..c5196f7894e4021ce26d090b2d97d1e0cf6abe68 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -2374,11 +2374,12 @@ def install(options, env, fstore, statestore):
         synced_ntp = False
         if ntp_servers:
             for s in ntp_servers:
-                synced_ntp = ipaclient.ntpconf.synconce_ntp(s)
+                synced_ntp = ipaclient.ntpconf.synconce_ntp(s, options.debug)
                 if synced_ntp:
                     break
         if not synced_ntp:
-            synced_ntp = ipaclient.ntpconf.synconce_ntp(cli_server[0])
+            synced_ntp = ipaclient.ntpconf.synconce_ntp(cli_server[0],
+                                                        options.debug)
         if not synced_ntp:
             root_logger.warning("Unable to sync time with IPA NTP " +
                 "server, assuming the time is in sync. Please check " +
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index 7d5c82a89b51f68362f12869a9234f5b69aa5ba9..699f0867ba46212fb7c5fe2223e73f75e80e459e 100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -136,7 +136,7 @@ def config_ntp(server_fqdn, fstore = None, sysstore = None):
     services.knownservices.ntpd.restart()
 
 
-def synconce_ntp(server_fqdn):
+def synconce_ntp(server_fqdn, debug=False):
     """
     Syncs time with specified server using ntpd.
     Primarily designed to be used before Kerberos setup
@@ -149,13 +149,16 @@ def synconce_ntp(server_fqdn):
         return False
 
     tmp_ntp_conf = ipautil.write_tmp_file('server %s' % server_fqdn)
+    args = [ntpd, '-qgc', tmp_ntp_conf.name]
+    if debug:
+        args.append('-d')
     try:
         # The ntpd command will never exit if it is unable to reach the
         # server, so timeout after 15 seconds.
         timeout = 15
         root_logger.info('Attempting to sync time using ntpd.  '
                          'Will timeout after %d seconds' % timeout)
-        ipautil.run([ntpd, '-qgc', tmp_ntp_conf.name], timeout=timeout)
+        ipautil.run(args, timeout=timeout)
         return True
     except ipautil.CalledProcessError:
         return False
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to