Douglas Schilling Landgraf has uploaded a new change for review. Change subject: ntp: include peerntp_no karg ......................................................................
ntp: include peerntp_no karg Due the limitation that all services must be enabled during the build time and there is no option to disable default ntp servers from ntp.conf or avoid new servers be included in pre-configure ntp servers from network we introduce peerntp_no karg. The peerntp_no will disable default ntp servers from ntp.conf and update /etc/sysconfig/network and related files (if required) like/etc/sysconfig/network-scripts/ifcfg-* to PEERNTP=no and avoid automatic servers be added into ntp.conf. Change-Id: I127a78df38c21899f37fab2a55aea415f256540a Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1061081 Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M scripts/ovirt-init-functions.sh.in M semodule/ovirt.te.in M src/ovirt/node/config/defaults.py M src/ovirt/node/setup/core/network_page.py 4 files changed, 61 insertions(+), 4 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/06/40406/1 diff --git a/scripts/ovirt-init-functions.sh.in b/scripts/ovirt-init-functions.sh.in index 3a185ec..a6584fc 100644 --- a/scripts/ovirt-init-functions.sh.in +++ b/scripts/ovirt-init-functions.sh.in @@ -2,7 +2,7 @@ # # ovirt-init-functions.sh - Wrapps all functions needed by oVirt at boot time. # -# Copyright (C) 2008-2010 Red Hat, Inc. +# Copyright (C) 2008-2015 Red Hat, Inc. # Written by Darryl L. Pierce <[email protected]> # # This program is free software; you can redistribute it and/or modify @@ -784,6 +784,13 @@ keyboard*) keyboard_layout=${i#keyboard=} ;; + peerntp_no*) + # If user provided in karg peerntp_no we will: + # 1 - Update /etc/sysconfig/network with PEERNTP=no to stop + # dhclient script updating ntp.conf + # 2 - Commend any previous ntp server in ntp.conf + echo "PEERNTP=no" >> /etc/sysconfig/network + ;; logrotate_max_size=*) logrotate_max_size=${i#logrotate_max_size=} ;; @@ -910,6 +917,14 @@ fi fi done + + # peerntp_no: comment any default ntp server in ntp.conf + source /etc/sysconfig/network + if [ ${PEERNTP} == "no" ]; then + sed -e 's/^server/# server/' /etc/ntp.conf -i + persist /etc/ntp.conf + fi + # block accidental bootif changes on upgrades if [ "$upgrade" == "1" ]; then sed -i '/OVIRT_BOOTIF/d' $tmpaug diff --git a/semodule/ovirt.te.in b/semodule/ovirt.te.in index 4fe6016..93a03db 100644 --- a/semodule/ovirt.te.in +++ b/semodule/ovirt.te.in @@ -303,6 +303,7 @@ } allow dhcpc_t tmpfs_t:dir { write add_name read }; allow dhcpc_t tmpfs_t:file { write create open getattr read }; + allow dhcpc_t etc_t:file write; allow dhcpc_t user_tmpfs_t:file { read getattr open }; allow dhcpc_t hostname_t:process { siginh noatsecure rlimitinh }; ') diff --git a/src/ovirt/node/config/defaults.py b/src/ovirt/node/config/defaults.py index e1a5bca..0ba11ba 100755 --- a/src/ovirt/node/config/defaults.py +++ b/src/ovirt/node/config/defaults.py @@ -1,7 +1,7 @@ #!/usr/bin/python # -*- coding: utf-8 -*- # -# defaults.py - Copyright (C) 2012 Red Hat, Inc. +# defaults.py - Copyright (C) 2012-2015 Red Hat, Inc. # Written by Fabian Deutsch <[email protected]> # # This program is free software; you can redistribute it and/or modify @@ -425,7 +425,17 @@ cfg.gateway = m["gateway"] or None cfg.netmask = m["netmask"] or None cfg.onboot = "yes" - cfg.peerntp = "yes" + + # auto-install node should be aware of + # peerntp_no karg and do not include in any + # ifcfg file the PEERNTP=yes. This will avoid + # any update in ntp.conf by the nic interfaces + aug = utils.AugeasWrapper() + sys_network = aug.get("/files/etc/sysconfig/network/PEERNTP") + if sys_network and "no" in sys_network: + cfg.peerntp = "no" + else: + cfg.peerntp = "yes" if m_dns["servers"]: cfg.peerdns = "no" @@ -903,6 +913,29 @@ def configure(self, servers): self.update(servers) + def set_peerntp(self, option): + """ + Update PEERNTP option in: + /etc/sysconfig/network-scripts/ + /etc/sysconfig/network + + Args: + option - Use "yes" or "no" + It will update the conf files to PEERNTP=<option> + """ + NETWORK_SCRIPTS = "/etc/sysconfig/network-scripts/" + NETWORK_FILE = "/files/etc/sysconfig/network/PEERNTP" + + aug = utils.AugeasWrapper() + if aug.get(NETWORK_FILE): + aug.set(NETWORK_FILE, option) + + for name in os.listdir(NETWORK_SCRIPTS): + sysconf_net_script = "/files" + NETWORK_SCRIPTS + "/PEERNTP" + if os.path.isfile(os.path.join(NETWORK_SCRIPTS, + name)) and aug.get(sysconf_net_script): + aug.set(sysconf_net_script, option) + def retrieve(self): cfg = dict(NodeConfigFileSection.retrieve(self)) cfg.update({"servers": cfg["servers"].split(",") if cfg["servers"] diff --git a/src/ovirt/node/setup/core/network_page.py b/src/ovirt/node/setup/core/network_page.py index 3baa3ac..d86b7ee 100644 --- a/src/ovirt/node/setup/core/network_page.py +++ b/src/ovirt/node/setup/core/network_page.py @@ -377,7 +377,15 @@ timeservers += effective_model.values_for(ntp_keys) if timeservers: self.logger.info("Setting new timeservers: %s" % timeservers) - model = defaults.Timeservers() + timesrv = defaults.Timeservers() + + # Validate if user removed both NTP entries in TUI + if not timeservers[0] and not timeservers[1]: + timesrv.set_peerntp("no") + else: + timesrv.set_peerntp("yes") + + model = timesrv model.update(timeservers) txs += model.transaction() -- To view, visit https://gerrit.ovirt.org/40406 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I127a78df38c21899f37fab2a55aea415f256540a Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
