Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Alexander Bokovoy wrote:
Reproduced. This happens when the package freeipa-client is upgraded
after client is enrolled with previous version -- in such case there
is no backup state and therefore we can't restore.
Also add fstore to /etc/sysconfig/ntpd to really backup it.
--
/ Alexander Bokovoy
From 0aab495a8175b25ebd48e30715527fcf6737b22b Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 26 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 62 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..b8d4867ab3df119132b7d9da35803e50bbd4ea51
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -320,6 +320,30 @@ def uninstall(options, env, quiet=False):
# this is optional service, just log
logging.info(%s daemon is not installed, skip configuration %
(nslcd.service_name))
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+try:
+# Restore might fail due to file missing in backup
+# the reason for it might be that freeipa-client was updated
+# to this version but not unenrolled/enrolled again
+# In such case it is OK to fail
+restored = fstore.restore_file(/etc/ntp.conf)
+restored |= fstore.restore_file(/etc/sysconfig/ntpd)
+if ntp_step_tickers:
+ restored |= fstore.restore_file(/etc/ntp/step-tickers)
+except:
+pass
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
if not options.unattended:
emit_quiet(quiet, The original nsswitch.conf configuration has been
restored.)
emit_quiet(quiet, You may need to restart services or reboot the
machine.)
@@ -1102,7 +1126,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print NTP enabled
print Client configuration complete.
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..8e151089c81fe761dc57fc6e8fb7ff5ba30b98fa
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = # Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=
+ntp_step_tickers = # Use IPA-provided NTP server for initial time
+$SERVER
+
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, %s.ipasave % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, w)
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = /etc/ntp/step-tickers
+path_ntp_conf = /etc/ntp.conf
+path_ntp_sysconfig = /etc/sysconfig/ntpd
sub_dict = { }
sub_dict[SERVER] = server_fqdn
nc = ipautil.template_str(ntp_conf, sub_dict)
+config_step_tickers = False
-if fstore:
-fstore.backup_file(/etc/ntp.conf)
-else:
-shutil.copy(/etc/ntp.conf, /etc/ntp.conf.ipasave)
-fd = open(/etc/ntp.conf, w)
-fd.write(nc)
-fd.close()
+if os.path.exists(path_step_tickers):
+config_step_tickers = True
+ns = ipautil.template_str(ntp_step_tickers, sub_dict)
+__backup_config(path_step_tickers, fstore)
+__write_config(path_step_tickers, ns)
+ipaservices.restore_context(path_step_tickers)
-if fstore:
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On 5.10.2011 10:38, Alexander Bokovoy wrote: On Tue, 04 Oct 2011, Alexander Bokovoy wrote: Reproduced. This happens when the package freeipa-client is upgraded after client is enrolled with previous version -- in such case there is no backup state and therefore we can't restore. Also add fstore to /etc/sysconfig/ntpd to really backup it. ACK. Honza -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Jan Cholasta wrote:
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, in module
sys.exit(main())
File /usr/sbin/ipa-client-install, line 1154, in main
rval = install(options, env, fstore, statestore)
File /usr/sbin/ipa-client-install, line 1122, in install
ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
File /usr/lib/python2.7/site-packages/ipaclient/ntpconf.py, line
118, in config_ntp
sysstore.backup_state(module, enabled,
ipaservices.knownservices.ntp.enabled())
File /usr/lib/python2.7/site-packages/ipalib/plugable.py, line
167, in __getattr__
raise AttributeError('no magic attribute %r' % name)
AttributeError: no magic attribute 'ntp'
Mea culpa. :(
Fixed patch attached.
--
/ Alexander Bokovoy
From 2de0c707424e735faf03fb786b98cbb3e3ee55da Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 19 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 55 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..4b6520f2c7ad67442f57a5d98d691912555c2c3c
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -331,6 +331,23 @@ def uninstall(options, env, quiet=False):
emit_quiet(quiet, Reboot command failed to exceute. +
str(e))
return CLIENT_UNINSTALL_ERROR
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+restored = fstore.restore_file(/etc/ntp.conf)
+restored |= fstore.restore_file(/etc/sysconfig/ntpd)
+if ntp_step_tickers:
+ restored |= fstore.restore_file(/etc/ntp/step-tickers)
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
# Remove the IPA configuration file
try:
os.remove(/etc/ipa/default.conf)
@@ -1102,7 +1119,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print NTP enabled
print Client configuration complete.
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..cf203b90490f8268553229730cc2966d2c14f292
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = # Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=
+ntp_step_tickers = # Use IPA-provided NTP server for initial time
+$SERVER
+
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, %s.ipasave % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, w)
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = /etc/ntp/step-tickers
+path_ntp_conf = /etc/ntp.conf
+path_ntp_sysconfig = /etc/sysconfig/ntpd
sub_dict = { }
sub_dict[SERVER] = server_fqdn
nc = ipautil.template_str(ntp_conf, sub_dict)
+config_step_tickers = False
-if fstore:
-fstore.backup_file(/etc/ntp.conf)
-else:
-shutil.copy(/etc/ntp.conf, /etc/ntp.conf.ipasave)
-fd = open(/etc/ntp.conf, w)
-fd.write(nc)
-fd.close()
+if os.path.exists(path_step_tickers):
+config_step_tickers = True
+ns =
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On 4.10.2011 20:53, Alexander Bokovoy wrote:
On Tue, 04 Oct 2011, Jan Cholasta wrote:
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, inmodule
sys.exit(main())
File /usr/sbin/ipa-client-install, line 1154, in main
rval = install(options, env, fstore, statestore)
File /usr/sbin/ipa-client-install, line 1122, in install
ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
File /usr/lib/python2.7/site-packages/ipaclient/ntpconf.py, line
118, in config_ntp
sysstore.backup_state(module, enabled,
ipaservices.knownservices.ntp.enabled())
File /usr/lib/python2.7/site-packages/ipalib/plugable.py, line
167, in __getattr__
raise AttributeError('no magic attribute %r' % name)
AttributeError: no magic attribute 'ntp'
Mea culpa. :(
Fixed patch attached.
Now ipa-client-install --uninstall fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, in module
sys.exit(main())
File /usr/sbin/ipa-client-install, line 1147, in main
return uninstall(options, env)
File /usr/sbin/ipa-client-install, line 339, in uninstall
restored = fstore.restore_file(/etc/ntp.conf)
File /usr/lib/python2.7/site-packages/ipapython/sysrestore.py, line
158, in restore_file
raise ValueError(No such file name in the index)
ValueError: No such file name in the index
Honza
--
Jan Cholasta
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0016 Setup and restore ntp configuration on the
On Tue, 04 Oct 2011, Jan Cholasta wrote:
Now ipa-client-install --uninstall fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, in module
sys.exit(main())
File /usr/sbin/ipa-client-install, line 1147, in main
return uninstall(options, env)
File /usr/sbin/ipa-client-install, line 339, in uninstall
restored = fstore.restore_file(/etc/ntp.conf)
File /usr/lib/python2.7/site-packages/ipapython/sysrestore.py,
line 158, in restore_file
raise ValueError(No such file name in the index)
ValueError: No such file name in the index
Reproduced. This happens when the package freeipa-client is upgraded
after client is enrolled with previous version -- in such case there
is no backup state and therefore we can't restore.
Attached patch should fix it -- as we can ignore absent backup.
--
/ Alexander Bokovoy
From a37e9ff4a35c4c9784bf6a174ca8a4da37a43f51 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on the client side
properly
When setting up the client-side NTP configuration, make sure that
/etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP
configuration
is fully restored and NTP service is disabled if it was disabled before the
installation.
https://fedorahosted.org/freeipa/ticket/1770
---
ipa-client/ipa-install/ipa-client-install | 26 ++-
ipa-client/ipaclient/ntpconf.py | 52
2 files changed, 62 insertions(+), 16 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
76f7f1913c804053edb8b90979286a0592fa5737..b8d4867ab3df119132b7d9da35803e50bbd4ea51
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -320,6 +320,30 @@ def uninstall(options, env, quiet=False):
# this is optional service, just log
logging.info(%s daemon is not installed, skip configuration %
(nslcd.service_name))
+ntp_configured = statestore.has_state('ntp')
+if ntp_configured:
+ntp_enabled = statestore.restore_state('ntp', 'enabled')
+ntp_step_tickers = statestore.restore_state('ntp', 'step-tickers')
+
+try:
+# Restore might fail due to file missing in backup
+# the reason for it might be that freeipa-client was updated
+# to this version but not unenrolled/enrolled again
+# In such case it is OK to fail
+restored = fstore.restore_file(/etc/ntp.conf)
+restored |= fstore.restore_file(/etc/sysconfig/ntpd)
+if ntp_step_tickers:
+ restored |= fstore.restore_file(/etc/ntp/step-tickers)
+except:
+pass
+
+if not ntp_enabled:
+ ipaservices.knownservices.ntpd.stop()
+ ipaservices.knownservices.ntpd.disable()
+else:
+ if restored:
+ ipaservices.knownservices.ntpd.restart()
+
if not options.unattended:
emit_quiet(quiet, The original nsswitch.conf configuration has been
restored.)
emit_quiet(quiet, You may need to restart services or reboot the
machine.)
@@ -1102,7 +1126,7 @@ def install(options, env, fstore, statestore):
ntp_server = options.ntp_server
else:
ntp_server = cli_server
-ipaclient.ntpconf.config_ntp(ntp_server, fstore)
+ipaclient.ntpconf.config_ntp(ntp_server, fstore, statestore)
print NTP enabled
print Client configuration complete.
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index
3042005f41ea3ed6c8fee739b9cf2b833a8d6d59..cf203b90490f8268553229730cc2966d2c14f292
100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -20,6 +20,7 @@
from ipapython import ipautil
from ipapython import services as ipaservices
import shutil
+import os
ntp_conf = # Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
@@ -80,30 +81,51 @@ SYNC_HWCLOCK=yes
# Additional options for ntpdate
NTPDATE_OPTIONS=
+ntp_step_tickers = # Use IPA-provided NTP server for initial time
+$SERVER
+
+def __backup_config(path, fstore = None):
+if fstore:
+fstore.backup_file(path)
+else:
+shutil.copy(path, %s.ipasave % (path))
-def config_ntp(server_fqdn, fstore = None):
+def __write_config(path, content):
+fd = open(path, w)
+fd.write(content)
+fd.close()
+
+def config_ntp(server_fqdn, fstore = None, sysstore = None):
+path_step_tickers = /etc/ntp/step-tickers
+path_ntp_conf = /etc/ntp.conf
+path_ntp_sysconfig = /etc/sysconfig/ntpd
sub_dict = { }
sub_dict[SERVER] = server_fqdn
nc =
