Stop and disable conflicting time&date services

Fedora 16 introduced chrony as default client time&date synchronization
service:
http://fedoraproject.org/wiki/Features/ChronyDefaultNTP
Thus, there may be people already using chrony as their time and date
synchronization service before installing IPA.

However, installing IPA server or client on such machine may lead to
unexpected behavior, as the IPA installer would configure ntpd and leave
the machine with both ntpd and chronyd enabled. However, since the OS
does not allow both chronyd and ntpd to be running concurrently and chronyd
has the precedence, ntpd would not be run on that system at all.

Make sure, that user is warned when trying to install IPA on such
system and is given a possibility to either not to let IPA configure
ntpd at all or to let the installer stop and disable chronyd.

https://fedorahosted.org/freeipa/ticket/2974

1 files changed, 27 insertions, 0 deletions

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 9e45589b8..975759169 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -89,6 +89,9 @@ def parse_options():
     basic_group.add_option("--ntp-server", dest="ntp_server", help="ntp server to use")
     basic_group.add_option("-N", "--no-ntp", action="store_false",
                       help="do not configure ntp", default=True, dest="conf_ntp")
+    basic_group.add_option("", "--force-ntpd", dest="force_ntpd",
+                      action="store_true", default=False,
+                      help="Stop and disable any time&date synchronization services besides ntpd")
     basic_group.add_option("--ssh-trust-dns", dest="trust_sshfp", default=False, action="store_true",
                       help="configure OpenSSH client to trust DNS SSHFP records")
     basic_group.add_option("--no-ssh", dest="conf_ssh", default=True, action="store_false",
@@ -142,6 +145,9 @@ def parse_options():
     if (options.server and not options.domain):
         parser.error("--server cannot be used without providing --domain")
 
+    if options.force_ntpd and not options.conf_ntp:
+        parser.error("--force-ntpd cannot be used together with --no-ntp")
+
     return safe_opts, options
 
 def logging_setup(options):
@@ -519,6 +525,8 @@ def uninstall(options, env):
            if restored:
                ipaservices.knownservices.ntpd.restart()
 
+    ipaclient.ntpconf.restore_forced_ntpd(statestore)
+
     if was_sshd_configured and ipaservices.knownservices.sshd.is_running():
         ipaservices.knownservices.sshd.restart()
 
@@ -1270,6 +1278,22 @@ def install(options, env, fstore, statestore):
     cli_domain_source = 'Unknown source'
     cli_server_source = 'Unknown source'
 
+    if options.conf_ntp and not options.on_master and not options.force_ntpd:
+        try:
+            ipaclient.ntpconf.check_timedate_services()
+        except ipaclient.ntpconf.NTPConflictingService, e:
+            print "WARNING: ntpd time&date synchronization service will not" \
+                  " be configured as"
+            print "conflicting service (%s) is enabled" % e.conflicting_service
+            print "Use --force-ntpd option to disable it and force configuration" \
+                  " of ntpd"
+            print ""
+
+            # configuration of ntpd is disabled in this case
+            options.conf_ntp = False
+        except ipaclient.ntpconf.NTPConfigurationError:
+            pass
+
     if options.unattended and (options.password is None and options.principal is None and options.prompt_password is False) and not options.on_master:
         root_logger.error("One of password and principal are required.")
         return CLIENT_INSTALL_ERROR
@@ -1884,6 +1908,9 @@ def install(options, env, fstore, statestore):
                         "/etc/ldap.conf failed: %s", str(e))
 
     if options.conf_ntp and not options.on_master:
+        # disable other time&date services first
+        if options.force_ntpd:
+            ipaclient.ntpconf.force_ntpd(statestore)
         if options.ntp_server:
             ntp_server = options.ntp_server
         else: