5 files changed, 44 insertions, 18 deletions

diff --git a/ipa-server/ipa-install/ipa-replica-install b/ipa-server/ipa-install/ipa-replica-install
index 0fb0a565..234a624b 100644
--- a/ipa-server/ipa-install/ipa-replica-install
+++ b/ipa-server/ipa-install/ipa-replica-install
@@ -42,6 +42,8 @@ class ReplicaConfig:
 def parse_options():
     from optparse import OptionParser
     parser = OptionParser()
+    parser.add_option("-N", "--no-ntp", dest="conf_ntp", action="store_false",
+                      help="do not configure ntp", default=True)
     parser.add_option("-d", "--debug", dest="debug", action="store_true",
                       default=False, help="gather extra debugging information")
 
@@ -171,6 +173,12 @@ def main():
     except ldap.INVALID_CREDENTIALS, e :
         sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
 
+    # Configure ntpd
+    if options.conf_ntp:
+        ntp = ntpinstance.NTPInstance()
+        ntp.create_instance()
+
+    # Configure dirsrv
     install_ds(config)
 
     repl = replication.ReplicationManager(config.host_name, config.dirman_password)
@@ -189,10 +197,6 @@ def main():
     webgui = httpinstance.WebGuiInstance()
     webgui.create_instance()
 
-    # Configure ntpd
-    ntp = ntpinstance.NTPInstance()
-    ntp.create_instance()
-
     service.restart("dirsrv")
     service.restart("krb5kdc")
 
@@ -214,4 +218,4 @@ except Exception, e:
     for str in traceback.format_tb(sys.exc_info()[2]):
         message = message + "\n" + str
     logging.debug(message)
-    sys.exit(1)    
+    sys.exit(1)
diff --git a/ipa-server/ipa-install/ipa-server-install b/ipa-server/ipa-install/ipa-server-install
index b873de42..b698d682 100644
--- a/ipa-server/ipa-install/ipa-server-install
+++ b/ipa-server/ipa-install/ipa-server-install
@@ -75,6 +75,8 @@ def parse_options():
                       default=False, help="unattended installation never prompts the user")
     parser.add_option("", "--uninstall", dest="uninstall", action="store_true",
                       default=False, help="uninstall an existing installation")
+    parser.add_option("-N", "--no-ntp", dest="conf_ntp", action="store_false",
+                      help="do not configure ntp", default=True)
 
     options, args = parser.parse_args()
 
@@ -320,11 +322,11 @@ def main():
     print "This program will setup the FreeIPA Server."
     print ""
     print "This includes:"
+    print "  * Configure the Network Time Daemon (ntpd)"
     print "  * Create and configure an instance of Directory Server"
     print "  * Create and configure a Kerberos Domain Controller (KDC)"
     print "  * Configure Apache (httpd)"
     print "  * Configure TurboGears"
-    print "  * Configure the Network Time Daemon (ntpd)"
     print ""
     print "To accept the default shown in brackets, press the Enter key."
     print ""
@@ -445,6 +447,11 @@ def main():
         print "The following operations may take some minutes to complete."
         print "Please wait until the prompt is returned."
 
+    # Configure ntpd
+    if options.conf_ntp:
+        ntp = ipaserver.ntpinstance.NTPInstance()
+        ntp.create_instance()
+
     # Create a directory server instance
     ds = ipaserver.dsinstance.DsInstance()
     ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password)
@@ -483,10 +490,6 @@ def main():
     service.print_msg("restarting the KDC")
     krb.restart()
 
-    # Configure ntpd
-    ntp = ipaserver.ntpinstance.NTPInstance()
-    ntp.create_instance()
-
     # Set the admin user kerberos password
     ds.change_admin_password(admin_password)
 
diff --git a/ipa-server/ipa-install/share/Makefile.am b/ipa-server/ipa-install/share/Makefile.am
index 28ad51b9..44afd06a 100644
--- a/ipa-server/ipa-install/share/Makefile.am
+++ b/ipa-server/ipa-install/share/Makefile.am
@@ -20,6 +20,7 @@ app_DATA =				\
 	krb.con.template		\
 	krbrealm.con.template		\
 	ntp.conf.server.template 	\
+	ntpd.sysconfig.template 	\
 	preferences.html.template 	\
 	referint-conf.ldif		\
 	dna-posix.ldif			\
diff --git a/ipa-server/ipa-install/share/ntpd.sysconfig.template b/ipa-server/ipa-install/share/ntpd.sysconfig.template
new file mode 100644
index 00000000..3412a0e8
--- /dev/null
+++ b/ipa-server/ipa-install/share/ntpd.sysconfig.template
@@ -0,0 +1,8 @@
+# Drop root to id 'ntp:ntp' by default.
+OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
+
+# Set to 'yes' to sync hw clock after successful ntpdate
+SYNC_HWCLOCK=yes
+
+# Additional options for ntpdate
+NTPDATE_OPTIONS=""
diff --git a/ipa-server/ipaserver/ntpinstance.py b/ipa-server/ipaserver/ntpinstance.py
index e2765171..53858810 100644
--- a/ipa-server/ipaserver/ntpinstance.py
+++ b/ipa-server/ipaserver/ntpinstance.py
@@ -35,25 +35,34 @@ class NTPInstance(service.Service):
         # or we can get our own pool.
         os = ""
         if ipautil.file_exists("/etc/fedora-release"):
-            os = "fedora."
+            os = "fedora"
         elif ipautil.file_exists("/etc/redhat-release"):
-            os = "rhel."
+            os = "rhel"
 
         sub_dict = { }
-        sub_dict["SERVERA"] = "0.%spool.ntp.org" % os
-        sub_dict["SERVERB"] = "1.%spool.ntp.org" % os
-        sub_dict["SERVERC"] = "2.%spool.ntp.org" % os
+        sub_dict["SERVERA"] = "0.%s.pool.ntp.org" % os
+        sub_dict["SERVERB"] = "1.%s.pool.ntp.org" % os
+        sub_dict["SERVERC"] = "2.%s.pool.ntp.org" % os
 
         ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", sub_dict)
+        ntp_sysconf = ipautil.template_file(ipautil.SHARE_DIR + "ntpd.sysconfig.template", {})
 
         sysrestore.backup_file("/etc/ntp.conf")
+        sysrestore.backup_file("/etc/sysconfig/ntpd")
 
         fd = open("/etc/ntp.conf", "w")
         fd.write(ntp_conf)
         fd.close()
 
-    def __start(self):
+        fd = open("/etc/sysconfig/ntpd", "w")
+        fd.write(ntp_sysconf)
+        fd.close()
+
+    def __stop(self):
         self.backup_state("running", self.is_running())
+        self.stop()
+
+    def __start(self):
         self.start()
 
     def __enable(self):
@@ -61,13 +70,14 @@ class NTPInstance(service.Service):
         self.chkconfig_on()
 
     def create_instance(self):
-        self.step("writing configuration", self.__write_config)
 
         # we might consider setting the date manually using ntpd -qg in case
         # the current time is very far off.
 
-        self.step("starting ntpd", self.__start)
+        self.step("stopping ntpd", self.__stop)
+        self.step("writing configuration", self.__write_config)
         self.step("configuring ntpd to start on boot", self.__enable)
+        self.step("starting ntpd", self.__start)
 
         self.start_creation("Configuring ntpd")