[node-patches] Change in ovirt-node[master]: ntp: include peerntp_no karg

dougsland at redhat.com dougsland at redhat.com
Wed Apr 29 16:58:21 UTC 2015


Douglas Schilling Landgraf has uploaded a new change for review.

Change subject: ntp: include peerntp_no karg
......................................................................

ntp: include peerntp_no karg

Due the limitation that all services must be enabled during the
build time and there is no option to disable default
ntp servers from ntp.conf or avoid new servers be included
in pre-configure ntp servers from network we introduce
peerntp_no karg. The peerntp_no will disable default
ntp servers from ntp.conf and update /etc/sysconfig/network
and related files (if required) like/etc/sysconfig/network-scripts/ifcfg-*
to PEERNTP=no and avoid automatic servers be added into ntp.conf.

Change-Id: I127a78df38c21899f37fab2a55aea415f256540a
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1061081
Signed-off-by: Douglas Schilling Landgraf <dougsland at redhat.com>
---
M scripts/ovirt-init-functions.sh.in
M semodule/ovirt.te.in
M src/ovirt/node/config/defaults.py
M src/ovirt/node/setup/core/network_page.py
4 files changed, 61 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/06/40406/1

diff --git a/scripts/ovirt-init-functions.sh.in b/scripts/ovirt-init-functions.sh.in
index 3a185ec..a6584fc 100644
--- a/scripts/ovirt-init-functions.sh.in
+++ b/scripts/ovirt-init-functions.sh.in
@@ -2,7 +2,7 @@
 #
 # ovirt-init-functions.sh - Wrapps all functions needed by oVirt at boot time.
 #
-# Copyright (C) 2008-2010 Red Hat, Inc.
+# Copyright (C) 2008-2015 Red Hat, Inc.
 # Written by Darryl L. Pierce <dpierce at redhat.com>
 #
 # This program is free software; you can redistribute it and/or modify
@@ -784,6 +784,13 @@
             keyboard*)
             keyboard_layout=${i#keyboard=}
             ;;
+            peerntp_no*)
+            # If user provided in karg peerntp_no we will:
+            # 1 - Update /etc/sysconfig/network with PEERNTP=no to stop
+            #     dhclient script updating ntp.conf
+            # 2 - Commend any previous ntp server in ntp.conf
+            echo "PEERNTP=no" >> /etc/sysconfig/network
+            ;;
             logrotate_max_size=*)
             logrotate_max_size=${i#logrotate_max_size=}
             ;;
@@ -910,6 +917,14 @@
             fi
         fi
     done
+
+    # peerntp_no: comment any default ntp server in ntp.conf
+    source /etc/sysconfig/network
+    if [ ${PEERNTP} == "no" ]; then
+        sed -e 's/^server/# server/' /etc/ntp.conf -i
+        persist /etc/ntp.conf
+    fi
+
     # block accidental bootif changes on upgrades
     if [ "$upgrade" == "1" ]; then
         sed -i '/OVIRT_BOOTIF/d' $tmpaug
diff --git a/semodule/ovirt.te.in b/semodule/ovirt.te.in
index 4fe6016..93a03db 100644
--- a/semodule/ovirt.te.in
+++ b/semodule/ovirt.te.in
@@ -303,6 +303,7 @@
     }
     allow dhcpc_t tmpfs_t:dir { write add_name read };
     allow dhcpc_t tmpfs_t:file { write create open getattr read };
+    allow dhcpc_t etc_t:file write;
     allow dhcpc_t user_tmpfs_t:file { read getattr open };
     allow dhcpc_t hostname_t:process { siginh noatsecure rlimitinh };
 ')
diff --git a/src/ovirt/node/config/defaults.py b/src/ovirt/node/config/defaults.py
index e1a5bca..0ba11ba 100755
--- a/src/ovirt/node/config/defaults.py
+++ b/src/ovirt/node/config/defaults.py
@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 #
-# defaults.py - Copyright (C) 2012 Red Hat, Inc.
+# defaults.py - Copyright (C) 2012-2015 Red Hat, Inc.
 # Written by Fabian Deutsch <fabiand at redhat.com>
 #
 # This program is free software; you can redistribute it and/or modify
@@ -425,7 +425,17 @@
                 cfg.gateway = m["gateway"] or None
                 cfg.netmask = m["netmask"] or None
                 cfg.onboot = "yes"
-                cfg.peerntp = "yes"
+
+                # auto-install node should be aware of
+                # peerntp_no karg and do not include in any
+                # ifcfg file the PEERNTP=yes. This will avoid
+                # any update in ntp.conf by the nic interfaces
+                aug = utils.AugeasWrapper()
+                sys_network = aug.get("/files/etc/sysconfig/network/PEERNTP")
+                if sys_network and "no" in sys_network:
+                    cfg.peerntp = "no"
+                else:
+                    cfg.peerntp = "yes"
 
                 if m_dns["servers"]:
                     cfg.peerdns = "no"
@@ -903,6 +913,29 @@
     def configure(self, servers):
         self.update(servers)
 
+    def set_peerntp(self, option):
+        """
+        Update PEERNTP option in:
+          /etc/sysconfig/network-scripts/
+          /etc/sysconfig/network
+
+        Args:
+          option - Use "yes" or "no"
+          It will update the conf files to PEERNTP=<option>
+        """
+        NETWORK_SCRIPTS = "/etc/sysconfig/network-scripts/"
+        NETWORK_FILE = "/files/etc/sysconfig/network/PEERNTP"
+
+        aug = utils.AugeasWrapper()
+        if aug.get(NETWORK_FILE):
+            aug.set(NETWORK_FILE, option)
+
+        for name in os.listdir(NETWORK_SCRIPTS):
+            sysconf_net_script = "/files" + NETWORK_SCRIPTS + "/PEERNTP"
+            if os.path.isfile(os.path.join(NETWORK_SCRIPTS,
+                              name)) and aug.get(sysconf_net_script):
+                aug.set(sysconf_net_script, option)
+
     def retrieve(self):
         cfg = dict(NodeConfigFileSection.retrieve(self))
         cfg.update({"servers": cfg["servers"].split(",") if cfg["servers"]
diff --git a/src/ovirt/node/setup/core/network_page.py b/src/ovirt/node/setup/core/network_page.py
index 3baa3ac..d86b7ee 100644
--- a/src/ovirt/node/setup/core/network_page.py
+++ b/src/ovirt/node/setup/core/network_page.py
@@ -377,7 +377,15 @@
             timeservers += effective_model.values_for(ntp_keys)
         if timeservers:
             self.logger.info("Setting new timeservers: %s" % timeservers)
-            model = defaults.Timeservers()
+            timesrv = defaults.Timeservers()
+
+            # Validate if user removed both NTP entries in TUI
+            if not timeservers[0] and not timeservers[1]:
+                timesrv.set_peerntp("no")
+            else:
+                timesrv.set_peerntp("yes")
+
+            model = timesrv
             model.update(timeservers)
             txs += model.transaction()
 


-- 
To view, visit https://gerrit.ovirt.org/40406
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I127a78df38c21899f37fab2a55aea415f256540a
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Douglas Schilling Landgraf <dougsland at redhat.com>



More information about the node-patches mailing list