diff options
author | Martin Kosek <mkosek@redhat.com> | 2012-12-07 16:44:32 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-12-07 13:07:36 -0500 |
commit | 211f6c9046ab9b43c7f40e279db7c5595ae70bd1 (patch) | |
tree | d8e666b3def0bff9e3c05e78b782841cde859465 /ipa-client/ipaclient | |
parent | 867f7691e9e8d4dc101d227ca56a94f9b947897f (diff) | |
download | freeipa-211f6c9046ab9b43c7f40e279db7c5595ae70bd1.tar.gz freeipa-211f6c9046ab9b43c7f40e279db7c5595ae70bd1.tar.xz freeipa-211f6c9046ab9b43c7f40e279db7c5595ae70bd1.zip |
Stop and disable conflicting time&date services
Fedora 16 introduced chrony as default client time&date synchronization
service:
http://fedoraproject.org/wiki/Features/ChronyDefaultNTP
Thus, there may be people already using chrony as their time and date
synchronization service before installing IPA.
However, installing IPA server or client on such machine may lead to
unexpected behavior, as the IPA installer would configure ntpd and leave
the machine with both ntpd and chronyd enabled. However, since the OS
does not allow both chronyd and ntpd to be running concurrently and chronyd
has the precedence, ntpd would not be run on that system at all.
Make sure, that user is warned when trying to install IPA on such
system and is given a possibility to either not to let IPA configure
ntpd at all or to let the installer stop and disable chronyd.
https://fedorahosted.org/freeipa/ticket/2974
Diffstat (limited to 'ipa-client/ipaclient')
-rw-r--r-- | ipa-client/ipaclient/ntpconf.py | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py index 6e4173145..eb9afdeee 100644 --- a/ipa-client/ipaclient/ntpconf.py +++ b/ipa-client/ipaclient/ntpconf.py @@ -21,6 +21,7 @@ from ipapython import ipautil from ipapython import services as ipaservices import shutil import os +import sys ntp_conf = """# Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. @@ -154,3 +155,70 @@ def synconce_ntp(server_fqdn): except: pass return False + +class NTPConfigurationError(Exception): + pass + +class NTPConflictingService(NTPConfigurationError): + def __init__(self, message='', conflicting_service=None): + super(NTPConflictingService, self).__init__(self, message) + self.conflicting_service = conflicting_service + +def check_timedate_services(): + """ + System may contain conflicting services used for time&date synchronization. + As IPA server/client supports only ntpd, make sure that other services are + not enabled to prevent conflicts. For example when both chronyd and ntpd + are enabled, systemd would always start only chronyd to manage system + time&date which would make IPA configuration of ntpd ineffective. + + Reference links: + https://fedorahosted.org/freeipa/ticket/2974 + http://fedoraproject.org/wiki/Features/ChronyDefaultNTP + """ + for service in ipaservices.timedate_services: + if service == 'ntpd': + continue + # Make sure that the service is not enabled + service = ipaservices.service(service) + if service.is_enabled() or service.is_running(): + raise NTPConflictingService(conflicting_service=service.service_name) + +def force_ntpd(statestore): + """ + Force ntpd configuration and disable and stop any other conflicting + time&date service + """ + for service in ipaservices.timedate_services: + if service == 'ntpd': + continue + service = ipaservices.service(service) + enabled = service.is_enabled() + running = service.is_running() + + if enabled or running: + statestore.backup_state(service.service_name, 'enabled', enabled) + statestore.backup_state(service.service_name, 'running', running) + + if running: + service.stop() + + if enabled: + service.disable() + +def restore_forced_ntpd(statestore): + """ + Restore from --force-ntpd installation and enable/start service that were + disabled/stopped during installation + """ + for service in ipaservices.timedate_services: + if service == 'ntpd': + continue + if statestore.has_state(service): + service = ipaservices.service(service) + enabled = statestore.restore_state(service.service_name, 'enabled') + running = statestore.restore_state(service.service_name, 'running') + if enabled: + service.enable() + if running: + service.start() |