From f3e3da509329881c4ba770d1f9418ad180ee98ae Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Oct 19 2018 17:35:05 +0000
Subject: Handle NTP configuration in a replica server installation


There were two separate issues:

1. If not enrolling on a pre-configured client then the ntp-server and
   ntp-pool options are not being passed down to the client installer
   invocation.
2. If the client is already enrolled then the ntp options are ignored
   altogether.

In the first case simply pass down the options to the client
installer invocation.

If the client is pre-enrolled and NTP options are provided then
raise an exception.

https://pagure.io/freeipa/issue/7723

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>

---

diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1
index 7f6ca57..c63107d 100644
--- a/install/tools/man/ipa-replica-install.1
+++ b/install/tools/man/ipa-replica-install.1
@@ -14,7 +14,7 @@ Domain level 0 is not supported anymore.
 
 To create a replica, the machine only needs to be enrolled in the FreeIPA domain first. This process of turning the IPA client into a replica is also referred to as replica promotion.
 
-If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica.
+If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica. The NTP configuration cannot be updated during client promotion. 
 
 To promote a blank machine into a replica, you have two options, you can either run ipa\-client\-install in a separate step, or pass the enrollment related options to the ipa\-replica\-install (see CLIENT ENROLLMENT OPTIONS). In the latter case, ipa\-replica\-install will join the machine to the IPA realm automatically and will proceed with the promotion step.
 
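Review bot: the sentence added to the "existing IPA client" paragraph says the NTP configuration "cannot be updated" but does not say what happens if the administrator passes NTP options anyway. The promote_check change in this patch raises an error in that case, so the man page should name the affected options (--ntp-server, --ntp-pool, --no-ntp) and state that the installation is refused when they are given on an already enrolled client. The added line also ends with a trailing space after "promotion." that should be dropped.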
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index aaa1943..3022057 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -717,6 +717,11 @@ def ensure_enrolled(installer):
         for ip in installer.ip_addresses:
             # installer.ip_addresses is of type [CheckedIPAddress]
             args.extend(("--ip-address", str(ip)))
+    if installer.ntp_servers:
+        for server in installer.ntp_servers:
+            args.extend(("--ntp-server", server))
+    if installer.ntp_pool:
+        args.extend(("--ntp-pool", installer.ntp_pool))
 
     try:
         # Call client install script
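Review bot: the new block in ensure_enrolled forwards only `ntp_servers` and `ntp_pool`, while promote_check in this same patch treats `no_ntp` as part of the same option group, and nothing in the visible context shows `no_ntp` being passed to the client installer. Please confirm it is already forwarded earlier in this function, or add it here, so that a replica install on a blank machine honours all three NTP options. Passing each value as its own argument element via `args.extend(("--ntp-server", server))` is the right shape, since nothing is concatenated into a single command string. A test covering the pass-through on a not-yet-enrolled host would help keep this from regressing.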
@@ -774,6 +779,11 @@ def promote_check(installer):
                   "the --domain, --server, --realm, --hostname, --password "
                   "and --keytab options.")
 
+        # The NTP configuration can not be touched on pre-installed client:
+        if options.no_ntp or options.ntp_servers or options.ntp_pool:
+                raise ScriptError(
+                    "NTP configuration cannot be updated during promotion")
+
     sstore = sysrestore.StateFile(paths.SYSRESTORE)
 
     fstore = sysrestore.FileStore(paths.SYSRESTORE)
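Review bot: the condition `if options.no_ntp or options.ntp_servers or options.ntp_pool:` in promote_check also rejects `no_ntp`, which asks for NTP to be left alone and is therefore consistent with what promotion does anyway; raising on it turns a no-op request into a hard failure for any automation that passes it unconditionally. Consider raising only for `ntp_servers` and `ntp_pool`, or explain in the comment why `no_ntp` must be refused as well. The message "NTP configuration cannot be updated during promotion" would be more actionable if it named the options to remove. Style: the `raise ScriptError(` line is indented two levels under the `if` instead of one, and the comment uses "can not" where the error string uses "cannot".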