Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Wed, 2011-10-05 at 11:27 +0200, Jan Cholasta wrote: > On 5.10.2011 10:38, Alexander Bokovoy wrote: > > On Tue, 04 Oct 2011, Alexander Bokovoy wrote: > >> Reproduced. This happens when the package freeipa-client is upgraded > >> after client is enrolled with previous version -- in such case there > >> is no backup state and therefore we can't restore. > > Also add fstore to /etc/sysconfig/ntpd to really backup it. > > > > ACK. > > Honza > Pushed to master, ipa-2-1. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On 5.10.2011 10:38, Alexander Bokovoy wrote: On Tue, 04 Oct 2011, Alexander Bokovoy wrote: Reproduced. This happens when the package freeipa-client is upgraded after client is enrolled with previous version -- in such case there is no backup state and therefore we can't restore. Also add fstore to /etc/sysconfig/ntpd to really backup it. ACK. Honza -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Alexander Bokovoy wrote:
> Reproduced. This happens when the package freeipa-client is upgraded
> after client is enrolled with previous version -- in such case there
> is no backup state and therefore we can't restore.
Also add fstore to /etc/sysconfig/ntpd to really backup it.
--
/ Alexander Bokovoy
>From 0aab495a8175b25ebd48e30715527fcf6737b22b Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 26 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 62 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..b8d4867ab3df119132b7d9da35803e50bbd4ea51
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -320,6 +320,30 @@ def uninstall(options, env, quiet=False):
# this is optional service, just log
logging.info("%s daemon is not installed, skip configuration" %
(nslcd.service_name))
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+try:
+# Restore might fail due to file missing in backup
+# the reason for it might be that freeipa-client was updated
+# to this version but not unenrolled/enrolled again
+# In such case it is OK to fail
+restored = fstore.restore_file("/etc/ntp.conf")
+restored |= fstore.restore_file("/etc/sysconfig/ntpd")
+if ntp_step_tickers:
+ restored |= fstore.restore_file("/etc/ntp/step-tickers")
+except:
+pass
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
if not options.unattended:
emit_quiet(quiet, "The original nsswitch.conf configuration has been
restored.")
emit_quiet(quiet, "You may need to restart services or reboot the
machine.")
@@ -1102,7 +1126,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print "NTP enabled"
print "Client configuration complete."
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..8e151089c81fe761dc57fc6e8fb7ff5ba30b98fa
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = """# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=""
"""
+ntp_step_tickers = """# Use IPA-provided NTP server for initial time
+$SERVER
+"""
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, "%s.ipasave" % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, "w")
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = "/etc/ntp/step-tickers"
+path_ntp_conf = "/etc/ntp.conf"
+path_ntp_sysconfig = "/etc/sysconfig/ntpd"
sub_dict = { }
sub_dict["SERVER"] = server_fqdn
nc = ipautil.template_str(ntp_conf, sub_dict)
+config_step_tickers = False
-if fstore:
-fstore.backup_file("/etc/ntp.conf")
-else:
-shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave")
-fd = open("/etc/ntp.conf", "w")
-fd.write(nc)
-fd.close()
+if os.path.exists(path_step_tickers):
+config_step_tickers = True
+ns = ipautil.template_str(ntp_step_tickers, sub_dict)
+__backup_config(path_step_tickers, fstore)
+__write_config(path_step_tickers, ns)
+ipaservices.restore_context(
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Jan Cholasta wrote:
> Now ipa-client-install --uninstall fails with:
>
> Traceback (most recent call last):
> File "/usr/sbin/ipa-client-install", line 1165, in
> sys.exit(main())
> File "/usr/sbin/ipa-client-install", line 1147, in main
> return uninstall(options, env)
> File "/usr/sbin/ipa-client-install", line 339, in uninstall
> restored = fstore.restore_file("/etc/ntp.conf")
> File "/usr/lib/python2.7/site-packages/ipapython/sysrestore.py",
> line 158, in restore_file
> raise ValueError("No such file name in the index")
> ValueError: No such file name in the index
Reproduced. This happens when the package freeipa-client is upgraded
after client is enrolled with previous version -- in such case there
is no backup state and therefore we can't restore.
Attached patch should fix it -- as we can ignore absent backup.
--
/ Alexander Bokovoy
>From a37e9ff4a35c4c9784bf6a174ca8a4da37a43f51 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 26 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 62 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..b8d4867ab3df119132b7d9da35803e50bbd4ea51
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -320,6 +320,30 @@ def uninstall(options, env, quiet=False):
# this is optional service, just log
logging.info("%s daemon is not installed, skip configuration" %
(nslcd.service_name))
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+try:
+# Restore might fail due to file missing in backup
+# the reason for it might be that freeipa-client was updated
+# to this version but not unenrolled/enrolled again
+# In such case it is OK to fail
+restored = fstore.restore_file("/etc/ntp.conf")
+restored |= fstore.restore_file("/etc/sysconfig/ntpd")
+if ntp_step_tickers:
+ restored |= fstore.restore_file("/etc/ntp/step-tickers")
+except:
+pass
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
if not options.unattended:
emit_quiet(quiet, "The original nsswitch.conf configuration has been
restored.")
emit_quiet(quiet, "You may need to restart services or reboot the
machine.")
@@ -1102,7 +1126,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print "NTP enabled"
print "Client configuration complete."
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..cf203b90490f8268553229730cc2966d2c14f292
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = """# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=""
"""
+ntp_step_tickers = """# Use IPA-provided NTP server for initial time
+$SERVER
+"""
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, "%s.ipasave" % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, "w")
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = "/etc/ntp/step-tickers"
+path_ntp_conf = "/etc/ntp.conf"
+path_ntp_sysconfig = "/etc/sysconfig/ntpd"
sub_dict = { }
sub_dict["SERVER"] = server_fqdn
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On 4.10.2011 20:53, Alexander Bokovoy wrote:
On Tue, 04 Oct 2011, Jan Cholasta wrote:
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 1165, in
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 1154, in main
rval = install(options, env, fstore, statestore)
File "/usr/sbin/ipa-client-install", line 1122, in install
ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
File "/usr/lib/python2.7/site-packages/ipaclient/ntpconf.py", line
118, in config_ntp
sysstore.backup_state(module, "enabled",
ipaservices.knownservices.ntp.enabled())
File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line
167, in __getattr__
raise AttributeError('no magic attribute %r' % name)
AttributeError: no magic attribute 'ntp'
Mea culpa. :(
Fixed patch attached.
Now ipa-client-install --uninstall fails with:
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 1165, in
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 1147, in main
return uninstall(options, env)
File "/usr/sbin/ipa-client-install", line 339, in uninstall
restored = fstore.restore_file("/etc/ntp.conf")
File "/usr/lib/python2.7/site-packages/ipapython/sysrestore.py", line
158, in restore_file
raise ValueError("No such file name in the index")
ValueError: No such file name in the index
Honza
--
Jan Cholasta
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Jan Cholasta wrote:
> On 4.10.2011 13:00, Alexander Bokovoy wrote:
> >client
> >Reply-To:
> >
> >Hi,
> >
> >attached patch addresses ticket #1770.
> >
>
> ipa-client-install fails with:
>
> Traceback (most recent call last):
> File "/usr/sbin/ipa-client-install", line 1165, in
> sys.exit(main())
> File "/usr/sbin/ipa-client-install", line 1154, in main
> rval = install(options, env, fstore, statestore)
> File "/usr/sbin/ipa-client-install", line 1122, in install
> ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
> File "/usr/lib/python2.7/site-packages/ipaclient/ntpconf.py", line
> 118, in config_ntp
> sysstore.backup_state(module, "enabled",
> ipaservices.knownservices.ntp.enabled())
> File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line
> 167, in __getattr__
> raise AttributeError('no magic attribute %r' % name)
> AttributeError: no magic attribute 'ntp'
Mea culpa. :(
Fixed patch attached.
--
/ Alexander Bokovoy
>From 2de0c707424e735faf03fb786b98cbb3e3ee55da Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 19 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 55 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..4b6520f2c7ad67442f57a5d98d691912555c2c3c
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -331,6 +331,23 @@ def uninstall(options, env, quiet=False):
emit_quiet(quiet, "Reboot command failed to exceute. " +
str(e))
return CLIENT_UNINSTALL_ERROR
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+restored = fstore.restore_file("/etc/ntp.conf")
+restored |= fstore.restore_file("/etc/sysconfig/ntpd")
+if ntp_step_tickers:
+ restored |= fstore.restore_file("/etc/ntp/step-tickers")
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
# Remove the IPA configuration file
try:
os.remove("/etc/ipa/default.conf")
@@ -1102,7 +1119,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print "NTP enabled"
print "Client configuration complete."
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..cf203b90490f8268553229730cc2966d2c14f292
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = """# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=""
"""
+ntp_step_tickers = """# Use IPA-provided NTP server for initial time
+$SERVER
+"""
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, "%s.ipasave" % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, "w")
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = "/etc/ntp/step-tickers"
+path_ntp_conf = "/etc/ntp.conf"
+path_ntp_sysconfig = "/etc/sysconfig/ntpd"
sub_dict = { }
sub_dict["SERVER"] = server_fqdn
nc = ipautil.template_str(ntp_conf, sub_dict)
+config_step_tickers = False
-if fstore:
-fstore.backup_file("/etc/ntp.conf")
-else:
-shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave")
-fd = open("/etc/ntp.conf", "w")
-fd.write(nc)
-fd.close()
+if os.path.exists(path_step_
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 1165, in
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 1154, in main
rval = install(options, env, fstore, statestore)
File "/usr/sbin/ipa-client-install", line 1122, in install
ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
File "/usr/lib/python2.7/site-packages/ipaclient/ntpconf.py", line
118, in config_ntp
sysstore.backup_state(module, "enabled",
ipaservices.knownservices.ntp.enabled())
File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 167,
in __getattr__
raise AttributeError('no magic attribute %r' % name)
AttributeError: no magic attribute 'ntp'
Honza
--
Jan Cholasta
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
