"the client setup would fail if there's no ntp installed" In what way?
Is what you're really saying that the client setup would fail if the clock of the client is not within X seconds of the real time? That's correct, but is not the same as saying ntp must be installed. There are other ways of obtaining time sufficiently synchronized for Kerberos to work; hence my second suggestion of having a virtual package meaning "the system must have synchronized time (somehow)". This is similar to the virtual package which says "the system must have a mail- transport-agent (but I don't care which one)" However, "recommends" ntp would actually install it in most cases - i.e. unless the user specifies "--no-install-recommends", or has modified their apt config. If the user explicitly asks not to install "recommended" packages, then they are saying they are happy to deal with the possible consequences. Also, I don't think detecting lxc/lxd is a good idea. There are other virtualization environments which ensure the guest clock is synchronized, without running NTP on the guest, so this would not be a generic solution. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1630911 Title: freeipa-client has a hard dependency on "ntp" which is not wanted in lxd environment To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1630911/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
