Handle NTP configuration in a replica server installation

There were two separate issues: 1. If not enrolling on a pre-configured client then the ntp-server and ntp-pool options are not being passed down to the client installer invocation. 2. If the client is already enrolled then the ntp options are ignored altogether. In the first case simply pass down the options to the client installer invocation. If the client is pre-enrolled and NTP options are provided then raise an exception. https://pagure.io/freeipa/issue/7723 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
freeipa · Oct 18, 2018 · 5e9c9b6 · 5e9c9b6
1 parent fbcb79a
commit 5e9c9b6
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1
@@ -14,7 +14,7 @@ Domain level 0 is not supported anymore.
 
 To create a replica, the machine only needs to be enrolled in the FreeIPA domain first. This process of turning the IPA client into a replica is also referred to as replica promotion.
 
-If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica.
+If you're starting with an existing IPA client, simply run ipa\-replica\-install to have it promoted into a replica. The NTP configuration cannot be updated during client promotion. 
 
 To promote a blank machine into a replica, you have two options, you can either run ipa\-client\-install in a separate step, or pass the enrollment related options to the ipa\-replica\-install (see CLIENT ENROLLMENT OPTIONS). In the latter case, ipa\-replica\-install will join the machine to the IPA realm automatically and will proceed with the promotion step.
 

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
@@ -717,6 +717,11 @@ def ensure_enrolled(installer):
         for ip in installer.ip_addresses:
             # installer.ip_addresses is of type [CheckedIPAddress]
             args.extend(("--ip-address", str(ip)))
+    if installer.ntp_servers:
+        for server in installer.ntp_servers:
+            args.extend(("--ntp-server", server))
+    if installer.ntp_pool:
+        args.extend(("--ntp-pool", installer.ntp_pool))
 
     try:
         # Call client install script
@@ -774,6 +779,11 @@ def promote_check(installer):
                   "the --domain, --server, --realm, --hostname, --password "
                   "and --keytab options.")
 
+        # The NTP configuration can not be touched on pre-installed client:
+        if options.no_ntp or options.ntp_servers or options.ntp_pool:
+                raise ScriptError(
+                    "NTP configuration cannot be updated during promotion")
+
     sstore = sysrestore.StateFile(paths.SYSRESTORE)
 
     fstore = sysrestore.FileStore(paths.SYSRESTORE)