ipaclient_setup_ntp: Use time sync code from 4.6.4 if sync_time is not defined

The FreeIPA versions since 4.7.0 are using chrony and also the new sync_time function for time synchronization which has been added to ipaclient/install/client.py. The old version in ipaclient_setup_ntp has been updated to the code that has been used in 4.6.4.

ipaclient_setup_ntp: Use time sync code from 4.6.4 if sync_time is not defined
2cffd6eb · Thomas Woerner · cdc431ff · 2cffd6eb
Commit 2cffd6eb authored 6 years ago by Thomas Woerner
--- a/roles/ipaclient/library/ipaclient_setup_ntp.py
+++ b/roles/ipaclient/library/ipaclient_setup_ntp.py
@@ -115,11 +115,11 @@ def main():
    cli_domain = module.params.get('domain')
    options.conf_ntp = not options.no_ntp
+    options.debug = False
    fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
    statestore = sysrestore.StateFile(paths.IPA_CLIENT_SYSRESTORE)
-    ntp_servers = [ ]
    synced_ntp = False
    if sync_time is not None:
        if options.conf_ntp:
@@ -133,40 +133,43 @@ def main():
        else:
            logger.info("Skipping chrony configuration")
-    elif not options.on_master and options.conf_ntp:
+    else:
+        ntp_srv_servers = [ ]
+        if not options.on_master and options.conf_ntp:
            # Attempt to sync time with IPA server.
            # If we're skipping NTP configuration, we also skip the time sync here.
            # We assume that NTP servers are discoverable through SRV records
            # in the DNS.
            # If that fails, we try to sync directly with IPA server,
            # assuming it runs NTP
-        if not options.ntp_servers:
+            logger.info('Synchronizing time with KDC...')
-            # Detect NTP servers
            ds = ipadiscovery.IPADiscovery()
-            ntp_servers = ds.ipadns_search_srv(cli_domain, '_ntp._udp',
+            ntp_srv_servers = ds.ipadns_search_srv(cli_domain, '_ntp._udp',
                                                   None, break_on_first=False)
-        else:
-            ntp_servers = options.ntp_servers
-        # Attempt to sync time:
-        # At first with given or dicovered time servers. If no ntp
-        # servers have been given or discovered, then with the ipa
-        # server.
-        module.log('Synchronizing time ...')
            synced_ntp = False
+            ntp_servers = ntp_srv_servers
            # use user specified NTP servers if there are any
+            if options.ntp_servers:
+                ntp_servers = options.ntp_servers
            for s in ntp_servers:
-            synced_ntp = timeconf.synconce_ntp(s, False)
+                synced_ntp = ntpconf.synconce_ntp(s, options.debug)
                if synced_ntp:
                    break
-        if not synced_ntp and not ntp_servers:
-            synced_ntp = timeconf.synconce_ntp(cli_server[0], False)
+            if not synced_ntp and not options.ntp_servers:
+                synced_ntp = timeconf.synconce_ntp(cli_server[0], options.debug)
            if not synced_ntp:
-            module.warn("Unable to sync time with NTP server")
+                module.warn(
+                    "Unable to sync time with NTP "
+                    "server, assuming the time is in sync. Please check "
+                    "that 123 UDP port is opened.")
+        else:
+            logger.info('Skipping synchronizing time with NTP server.')
    # Done
-    module.exit_json(changed=True,
+    module.exit_json(changed=synced_ntp)
-                     synced_ntp=synced_ntp)
 if __name__ == '__main__':
    main()