From d2968b26113002ea63d2cdf7fcfdf09dafa9094e Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Fri, 5 Jul 2019 17:56:38 +0200
Subject: [PATCH] ipaserver: Support sync_time changes of 4.8.0
sync_time is not using options anymore, but has two new arguments. These
are ntp_servers and ntp_pool. The options argument is not used anymore.
This requires to use inspect on sync_time to be able to detect if the old
or the new function is available.
The call for get_time_source has been added, but is documented out as the
call is only useful in interactive mode.
ipaserver_test now returns ntp_servers and ntp_pool, which are then used
for ipaserver_setup_ntp.
---
.../ipaserver/library/ipaserver_setup_ntp.py | 29 ++++++++++++++-----
roles/ipaserver/library/ipaserver_test.py | 19 ++++++++++--
roles/ipaserver/tasks/install.yml | 4 +++
3 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/roles/ipaserver/library/ipaserver_setup_ntp.py b/roles/ipaserver/library/ipaserver_setup_ntp.py
index 9626c5bb..64383b2f 100644
--- a/roles/ipaserver/library/ipaserver_setup_ntp.py
+++ b/roles/ipaserver/library/ipaserver_setup_ntp.py
@@ -51,12 +51,20 @@ from ansible.module_utils.ansible_ipa_server import *
def main():
ansible_module = AnsibleModule(
- argument_spec = dict(),
+ argument_spec = dict(
+ ntp_servers=dict(required=False, type='list', default=None),
+ ntp_pool=dict(required=False, default=None),
+ ),
)
ansible_module._ansible_debug = True
ansible_log = AnsibleModuleLog(ansible_module)
+ # set values ############################################################
+
+ options.ntp_servers = ansible_module.params.get('ntp_servers')
+ options.ntp_pool = ansible_module.params.get('ntp_pool')
+
# init ##########################################################
fstore = sysrestore.FileStore(paths.SYSRESTORE)
@@ -70,14 +78,19 @@ def main():
# chrony will be handled here in uninstall() method as well by invoking
# the ipa-server-install --uninstall
ansible_module.log("Synchronizing time")
- options.ntp_servers = None
- options.ntp_pool = None
- if sync_time(options, fstore, sstore):
- ansible_module.log("Time synchronization was successful.")
+
+ argspec = inspect.getargspec(sync_time)
+ if "options" not in argspec.args:
+ synced_ntp = sync_time(options.ntp_servers, options.ntp_pool,
+ fstore, sstore)
else:
- ansible_module.warn("IPA was unable to sync time with chrony!")
- ansible_module.warn("Time synchronization is required for IPA "
- "to work correctly")
+ synced_ntp = sync_time(options, fstore, sstore)
+ if not synced_ntp:
+ ansible_module.log(
+ "Warning: IPA was unable to sync time with chrony!")
+ ansible_module.log(
+ " Time synchronization is required for IPA "
+ "to work correctly")
else:
# Configure ntpd
timeconf.force_ntpd(sstore)
diff --git a/roles/ipaserver/library/ipaserver_test.py b/roles/ipaserver/library/ipaserver_test.py
index 65d0a929..40805061 100644
--- a/roles/ipaserver/library/ipaserver_test.py
+++ b/roles/ipaserver/library/ipaserver_test.py
@@ -88,6 +88,8 @@ def main():
pkinit_cert_name=dict(required=False),
### client ###
# mkhomedir
+ ntp_servers=dict(required=False, type='list', default=None),
+ ntp_pool=dict(required=False, default=None),
no_ntp=dict(required=False, type='bool', default=False),
# ssh_trust_dns
# no_ssh
@@ -164,6 +166,8 @@ def main():
options.pkinit_cert_name = ansible_module.params.get('pkinit_cert_name'),
### client ###
# mkhomedir
+ options.ntp_servers = ansible_module.params.get('ntp_servers')
+ options.ntp_pool = ansible_module.params.get('ntp_pool')
options.no_ntp = ansible_module.params.get('no_ntp')
# ssh_trust_dns
# no_ssh
@@ -705,9 +709,10 @@ def main():
try:
timeconf.check_timedate_services()
except timeconf.NTPConflictingService as e:
- ansible_module.log("Conflicting time&date synchronization service '%s'"
- " will be disabled in favor of %s" % \
- (e.conflicting_service, time_service))
+ ansible_module.log(
+ "WARNING: conflicting time&date synchronization service "
+ "'%s' will be disabled in favor of chronyd" % \
+ e.conflicting_service)
except timeconf.NTPConfigurationError:
pass
@@ -777,6 +782,11 @@ def main():
"You will not be able to establish trusts with Active "
"Directory.")
+ # Do not ask for time source
+ #if not options.no_ntp and not options.unattended and not (
+ # options.ntp_servers or options.ntp_pool):
+ # options.ntp_servers, options.ntp_pool = timeconf.get_time_source()
+
#########################################################################
http_pkcs12_file = None
@@ -871,6 +881,9 @@ def main():
### ad trust ###
rid_base=options.rid_base,
secondary_rid_base=options.secondary_rid_base,
+ ### client ###
+ ntp_servers=options.ntp_servers,
+ ntp_pool=options.ntp_pool,
### additional ###
_installation_cleanup=_installation_cleanup,
domainlevel=options.domainlevel)
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index 9b25e0d1..8f9b4ec1 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -64,6 +64,8 @@
# pkinit_name
### client ###
# mkhomedir
+ ntp_servers: "{{ ipaclient_ntp_servers | default(omit) }}"
+ ntp_pool: "{{ ipaclient_ntp_pool | default(omit) }}"
no_ntp: "{{ ipaclient_no_ntp }}"
# ssh_trust_dns
# no_ssh
@@ -166,6 +168,8 @@
- name: Install - Setup NTP
ipaserver_setup_ntp:
+ ntp_servers: "{{ result_ipaserver_test.ntp_servers | default(omit) }}"
+ ntp_pool: "{{ result_ipaserver_test.ntp_pool | default(omit) }}"
when: not ipaclient_no_ntp | bool and (ipaserver_external_cert_files
is undefined or ipaserver_external_cert_files|length < 1)
--
GitLab