Skip to content

Commit

Permalink
Work in progress
Browse files Browse the repository at this point in the history
  • Loading branch information
@Fdall
Fdall committed Feb 26, 2019
1 parent 13a7ed3 commit e410ab0
Show file tree
Hide file tree
Showing 3 changed files with 3,206 additions and 0 deletions.
352 changes: 352 additions & 0 deletions techniques/systemSettings/misc/clockConfiguration/4.0/clockConfiguration.st
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,352 @@
#####################################################################################
# Copyright 2011-2017 Normation SAS
#####################################################################################
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, Version 3.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#####################################################################################

######################################################
# Configure the ntp
# If ntp is not installed, install it (linux)
# Change the server configuration, and restart the daemon
# if the configuration changed
# Caution : a missing feature in cfe prevents from adding ,0x1 at the end of the domain name
# so it's only safe to use with ips for now
bundle agent check_clock_configuration
{
vars:
"ntpServers" slist => {&CLOCK_NTPSERVERS: { "&it&"};separator=", "&};
"target_timezone" string => ifelse( strcmp("&CLOCK_TIMEZONE&", "custom"), "&CLOCK_TIMEZONE_CUSTOM&", "&CLOCK_TIMEZONE&" );
!aix::
"linux_timezone" string => "${tz_variables.tz_linux[${target_timezone}]}";
"linux_timezone_canonified" string => canonify("${linux_timezone}");
classes:
!aix::
"clock_vardef" expression => isvariable("tz_variables.tz_linux[${target_timezone}]");
systemd.pass1::
"need_to_modify_timezone" expression => "file_symlink_present____usr_share_zoneinfo_${linux_timezone_canonified}__etc_localtime_not_ok";
any::
# We don't edit the TZ if no valid variable is present - probably user input field gone wrong.
"clock_timezone_nochange" expression => strcmp("&CLOCK_TIMEZONE&","dontchange");
"clock_timezone_noedit" expression => "clock_timezone_nochange|!clock_vardef";

"clock_hwclock_sync" expression => strcmp("&CLOCK_HWSYNC_ENABLE&","true");

"ntp_config_file_exists" expression => fileexists("/etc/ntp.conf");

"pass3" expression => "pass2";
"pass2" expression => "pass1";
"pass1" expression => "any";

pass3::
"localtime_kept" expression => "systemd.systemd_ntp_enabled_ok.!need_to_modify_timezone";
"localtime_repaired" expression => "systemd.systemd_ntp_enabled_ok.need_to_modify_timezone.systemd_timezone_ok";
"localtime_error" expression => "systemd.!(localtime_kept|localtime_repaired)";

files:

# Adjust ntp.conf (Add the servers)
(ntp_config_file_exists|(package_present_ntp_repaired|package_present_xntp_repaired))::
"/etc/ntp.conf"
edit_line => setNtpServer("@{this.ntpServers}"),
edit_defaults => noempty_backup,
classes => kept_if_else("ntpconf_kept", "repaired_ntpconf", "not_repaired_ntpconf");

# Copy the correct localtime file (distro independant)
!systemd.!aix.!clock_timezone_noedit::
"/etc/localtime"
copy_from => digest_cp("/usr/share/zoneinfo/${linux_timezone}"),
perms => system_owned("0644"),
comment => "Updating the /etc/localtime file",
classes => kept_if_else("localtime_kept", "localtime_repaired", "localtime_error");

# Edit the distro dependant files to set the TZ on boot
!systemd.redhat.!clock_timezone_noedit::
"/etc/sysconfig/clock"
edit_line => EditCentOSTimezone("${linux_timezone}"),
edit_defaults => noempty_backup,
classes => kept_if_else("redhattz_kept", "repaired_redhattz", "not_repaired_redhattz");

!systemd.SuSE.!clock_timezone_noedit::
"/etc/sysconfig/clock"
edit_line => EditSuSETimezone("${linux_timezone}"),
edit_defaults => noempty_backup,
classes => kept_if_else("susetz_kept", "repaired_susetz", "not_repaired_susetz");

!systemd.debian.!clock_timezone_noedit::
"/etc/timezone"
edit_defaults => empty_backup,
edit_line => EditDebianTimezone("${linux_timezone}"),
classes => kept_if_else("debiantz_kept", "repaired_debiantz", "not_repaired_debiantz");

methods:
systemd.!clock_timezone_noedit.pass1::
"force_dry_run" usebundle => push_dry_run_mode("true");
"systemd_timezone" usebundle => file_symlink_present("../usr/share/zoneinfo/${linux_timezone}", "/etc/localtime");
"restore previous mode" usebundle => pop_dry_run_mode();

# Install the NTP package
linux.!SuSE_10.!SuSE_11::
"ntp" usebundle => package_present("ntp", "latest", "default", "default");

SuSE_10::
"ntp" usebundle => package_present("xntp", "latest", "default", "default");

# Service commands
aix::
"start_xntpd" usebundle => service_ensure_running("xntpd");

aix.repaired_ntpconf::
"restart_xntpd" usebundle => service_restart("xntpd");

!redhat.!aix.(repaired_ntpconf|localtime_repaired|repaired_debiantz|repaired_susetz|ntpd_down)::
"restart_ntp" usebundle => service_restart("ntp");

redhat.(repaired_ntpconf|localtime_repaired|repaired_debiantz|repaired_susetz|ntpd_down)::
"restart_ntpd" usebundle => service_restart("ntpd");


# Global report for the "Time synchronization (NTP)" component
pass3.(((package_present_ntp_kept|package_present_xntp_kept)|(!linux)).ntpconf_kept.!ntpd_down.!service_ensure_running_xntpd_repaired.!service_ensure_running_xntpd_error.!service_restart_xntpd_repaired.!service_restart_xntpd_error)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_success", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntp daemon installed, configured and running");

pass3.((package_present_ntp_repaired|package_present_xntp_repaired)|repaired_ntpconf|(service_restart_ntp_repaired|service_restart_ntpd_repaired)|service_ensure_running_xntpd_repaired|service_restart_xntpd_repaired)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_repaired", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntp service (package, configuration and/or process) repaired");

# Global report for the "Time synchronization (NTP)" component - Windows
pass3.ntp_regkept::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_success", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "NTP service configured and running");

pass3.(ntp_regset.ntp_win32time_started)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_repaired", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "NTP service repaired, it is now configured and running");

# Individual reports for the "Time synchronization (NTP)" component's parts
pass3.(package_present_ntp_error|package_present_xntp_error)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntp package could not be installed");
pass3.(package_present_ntp_repaired|package_present_xntp_repaired)::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntp package installed");
pass3.(package_present_ntp_kept|package_present_xntp_kept)::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntp package already installed");
pass3.(!linux)::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "Support to check if ntp is installed not available on this platform");
pass3.repaired_ntpconf::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntpd configuration updated");
pass3.not_repaired_ntpconf::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntpd configuration could not be changed");
pass3.ntpd_down::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntpd process was not running");
pass3.(service_restart_ntp_repaired|service_restart_ntpd_repaired)::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntpd process restarted");
pass3.(service_restart_ntp_error|service_restart_ntpd_error)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time synchronization (NTP)", "None", "ntpd process could not be restarted");
# Global reports for the "Time zone" component's parts
pass3.aix::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_na", "&TRACKINGKEY&", "Time zone", "None", "Time zone is not managed on AIX nodes");

pass3.(localtime_repaired|repaired_redhattz|repaired_debiantz|repaired_susetz)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_repaired", "&TRACKINGKEY&", "Time zone", "None", "Time zone was reset");

pass3.(localtime_kept.((redhat.redhattz_kept)|(debian.debiantz_kept)|(SuSE.susetz_kept)|systemd))::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_success", "&TRACKINGKEY&", "Time zone", "None", "Time zone was already correctly configured");

pass3.clock_timezone_nochange.!aix::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_na", "&TRACKINGKEY&", "Time zone", "None", "Time zone edition disabled");

pass3.!clock_timezone_nochange.!clock_vardef::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time zone", "None", "Time zone provided is not valid");

# Individual reports for the "Time zone" component's parts
pass3.(localtime_repaired)::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time zone", "None", "Time zone was reset (localtime file changed)");
pass3.(localtime_error)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time zone", "None", "Time zone could not be set (localtime file could not be changed)");
pass3.localtime_kept::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time zone", "None", "Time zone was already set (localtime file didn't need changing)");
pass3.repaired_redhattz::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time zone", "None", "Red Hat-style specific time zone parameters updated (/etc/sysconfig/clock)");
pass3.not_repaired_redhattz::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time zone", "None", "Could not update Red Hat-style time zone parameters (/etc/sysconfig/clock)");
pass3.redhattz_kept::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time zone", "None", "Red Hat-style time zone parameters already correct (/etc/sysconfig/clock)");
pass3.repaired_debiantz::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time zone", "None", "Debian-style time zone parameters updated (/etc/timezone)");
pass3.not_repaired_debiantz::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time zone", "None", "Could not update Debian-style time zone parameters (/etc/timezone)");
pass3.debiantz_kept::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time zone", "None", "Debian-style time zone parameters already correct (/etc/timezone)");
pass3.repaired_susetz::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_repaired", "&TRACKINGKEY&", "Time zone", "None", "SuSE-style time zone parameters updated (/etc/sysconfig/clock)");
pass3.not_repaired_susetz::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Time zone", "None", "Could not update SuSE-style time zone parameters (/etc/sysconfig/clock)");
pass3.susetz_kept::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time zone", "None", "SuSE-style time zone parameters already correct (/etc/sysconfig/clock)");
pass3.systemd.systemd_ntp_enabled_ok::
"any" usebundle => rudder_common_report("ntpConfiguration", "log_info", "&TRACKINGKEY&", "Time zone", "None", "Systemd-style time zone parameters already correct");
# Global reports for the "Hardware clock (RTC)" component
pass3.aix::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_na", "&TRACKINGKEY&", "Hardware clock (RTC)", "None", "Hardware clock is not synchronized on AIX");
pass3.(!aix.!ntp_hwclock_sync_error.!ntp_hwclock_synced.clock_hwclock_sync)::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_success", "&TRACKINGKEY&", "Hardware clock (RTC)", "None", "It is not yet time to synchronize the hardware clock with the NTP time. Skipping...");
pass3.ntp_hwclock_synced::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_success", "&TRACKINGKEY&", "Hardware clock (RTC)", "None", "The hardware clock has been synchronized with the NTP time");
pass3.ntp_hwclock_sync_error::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_error", "&TRACKINGKEY&", "Hardware clock (RTC)", "None", "The hardware clock could not be synchronized with the NTP time");
pass3.!clock_hwclock_sync.!aix::
"any" usebundle => rudder_common_report("ntpConfiguration", "result_na", "&TRACKINGKEY&", "Hardware clock (RTC)", "None", "No synchronization with the hardware clock was requested");
commands:
# HW clock sync command
!aix.clock_hwclock_sync::
"/sbin/hwclock"
args => "--systohc",
action => if_elapsed("&CLOCK_SYNCSCHED&"),
classes => cf2_if_else("ntp_hwclock_synced", "ntp_hwclock_sync_error"),
comment => "synchronizing hardware clock";
systemd::
"/bin/timedatectl"
args => "set-ntp true",
classes => cf2_if_else("systemd_ntp_enabled_ok", "systemd_ntp_enabled_error"),
comment => "enabling ntp as clock sync method";
systemd.!clock_timezone_noedit.need_to_modify_timezone::
"/bin/timedatectl"
args => "set-timezone ${linux_timezone}",
classes => cf2_if_else("systemd_timezone_ok", "systemd_timezone_error"),
comment => "setting timezone";
processes:
# If NTP is down, define its restart class
"ntpd"
restart_class => "ntpd_down";
}
bundle edit_line setNtpServer(serverlist)
{
delete_lines:
"server.*";
insert_lines:
"${rudder_parameters.rudder_file_edit_header}"
location => start,
insert_type => "preserve_block";
"server ${serverlist}";
}
bundle edit_line EditCentOSTimezone(tz)
{
insert_lines:
"${rudder_parameters.rudder_file_edit_header}"
location => start,
insert_type => "preserve_block";
replace_patterns:
# Ensure the ZONE is correct
"^[# ]*ZONE\=(?!${tz}).*$"
replace_with => value("ZONE=${tz}");
# Change UTC
"^[# ]*UTC=\+.*$"
replace_with => value("UTC=false");
# Change ARC
"^[# ]*ARC\s+.*$"
replace_with => value("ARC=false");
}
bundle edit_line EditSuSETimezone(tz)
{
insert_lines:
"${rudder_parameters.rudder_file_edit_header}"
location => start,
insert_type => "preserve_block";
replace_patterns:
# Ensure the TIMEZONE is correct
"^[# ]*TIMEZONE\=(?!\"${tz}\").*$"
replace_with => value("TIMEZONE=\"${tz}\"");
# Ensure the DEFAULT_TIMEZONE is correct
"^[# ]*DEFAULT_TIMEZONE\=(?!\"${tz}\").*$"
replace_with => value("DEFAULT_TIMEZONE=\"${tz}\"");
# Ensure the SYSTOHC is correct
"^[# ]*SYSTOHC\=(?!\"yes\").*$"
replace_with => value("SYSTOHC=\"yes\"");
}
bundle edit_line EditDebianTimezone(tz)
{
insert_lines:
# Ensure the ZONE is correct
"${tz}";
}
Loading

0 comments on commit e410ab0

Please sign in to comment.