From c2a2ffbe69c395724506f4dec7c1cdca94d8d735 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Thu, 14 Oct 2010 10:52:58 -0400
Subject: [PATCH] ntpdinstance: Do not replace the config files, just add
 needed options

---
 install/share/Makefile.am              |  2 -
 install/share/ntp.conf.server.template | 50 -------------
 install/share/ntpd.sysconfig.template  |  8 ---
 ipaserver/install/ntpinstance.py       | 97 ++++++++++++++++++++++----
 4 files changed, 82 insertions(+), 75 deletions(-)
 delete mode 100644 install/share/ntp.conf.server.template
 delete mode 100644 install/share/ntpd.sysconfig.template

diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 9efb75a09..18cc766f1 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -27,8 +27,6 @@ app_DATA =				\
 	krb5.ini.template		\
 	krb.con.template		\
 	krbrealm.con.template		\
-	ntp.conf.server.template 	\
-	ntpd.sysconfig.template 	\
 	preferences.html.template 	\
 	referint-conf.ldif		\
 	dna-posix.ldif			\
diff --git a/install/share/ntp.conf.server.template b/install/share/ntp.conf.server.template
deleted file mode 100644
index 09149dfc7..000000000
--- a/install/share/ntp.conf.server.template
+++ /dev/null
@@ -1,50 +0,0 @@
-# Permit time synchronization with our time source, but do not
-# permit the source to query or modify the service on this system.
-restrict default kod nomodify notrap
-restrict -6 default kod nomodify notrap
-
-# Permit all access over the loopback interface.  This could
-# be tightened as well, but to do so would effect some of
-# the administrative functions.
-restrict 127.0.0.1 
-restrict -6 ::1
-
-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
-
-# Use public servers from the pool.ntp.org project.
-# Please consider joining the pool (http://www.pool.ntp.org/join.html).
-server $SERVERA
-server $SERVERB
-server $SERVERC
-
-#broadcast 192.168.1.255 key 42		# broadcast server
-#broadcastclient			# broadcast client
-#broadcast 224.0.1.1 key 42		# multicast server
-#multicastclient 224.0.1.1		# multicast client
-#manycastserver 239.255.254.254		# manycast server
-#manycastclient 239.255.254.254 key 42	# manycast client
-
-# Undisciplined Local Clock. This is a fake driver intended for backup
-# and when no outside source of synchronized time is available. 
-server	127.127.1.0	# local clock
-#fudge	127.127.1.0 stratum 10	
-
-# Drift file.  Put this in a directory which the daemon can write to.
-# No symbolic links allowed, either, since the daemon updates the file
-# by creating a temporary in the same directory and then rename()'ing
-# it to the file.
-driftfile /var/lib/ntp/drift
-
-# Key file containing the keys and key identifiers used when operating
-# with symmetric key cryptography. 
-keys /etc/ntp/keys
-
-# Specify the key identifiers which are trusted.
-#trustedkey 4 8 42
-
-# Specify the key identifier to use with the ntpdc utility.
-#requestkey 8
-
-# Specify the key identifier to use with the ntpq utility.
-#controlkey 8
diff --git a/install/share/ntpd.sysconfig.template b/install/share/ntpd.sysconfig.template
deleted file mode 100644
index 3412a0e8c..000000000
--- a/install/share/ntpd.sysconfig.template
+++ /dev/null
@@ -1,8 +0,0 @@
-# Drop root to id 'ntp:ntp' by default.
-OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
-
-# Set to 'yes' to sync hw clock after successful ntpdate
-SYNC_HWCLOCK=yes
-
-# Additional options for ntpdate
-NTPDATE_OPTIONS=""
diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py
index 320522de5..3f7f71532 100644
--- a/ipaserver/install/ntpinstance.py
+++ b/ipaserver/install/ntpinstance.py
@@ -33,8 +33,10 @@ class NTPInstance(service.Service):
             self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
 
     def __write_config(self):
-        # The template sets the config to point towards ntp.pool.org, but
-        # they request that software not point towards the default pool.
+
+        self.fstore.backup_file("/etc/ntp.conf")
+        self.fstore.backup_file("/etc/sysconfig/ntpd")
+
         # We use the OS variable to point it towards either the rhel
         # or fedora pools. Other distros should be added in the future
         # or we can get our own pool.
@@ -44,24 +46,89 @@ class NTPInstance(service.Service):
         elif ipautil.file_exists("/etc/redhat-release"):
             os = "rhel"
 
-        sub_dict = { }
-        sub_dict["SERVERA"] = "0.%s.pool.ntp.org" % os
-        sub_dict["SERVERB"] = "1.%s.pool.ntp.org" % os
-        sub_dict["SERVERC"] = "2.%s.pool.ntp.org" % os
+        srv_vals = []
+        srv_vals.append("0.%s.pool.ntp.org" % os)
+        srv_vals.append("1.%s.pool.ntp.org" % os)
+        srv_vals.append("2.%s.pool.ntp.org" % os)
+        srv_vals.append("127.127.1.0")
+        fudge = ["fudge", "127.127.1.0", "stratum", "10"]
 
-        ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", sub_dict)
-        ntp_sysconf = ipautil.template_file(ipautil.SHARE_DIR + "ntpd.sysconfig.template", {})
+        #read in memory, change it, then overwrite file
+        file_changed = False
+        fudge_present = False
+        ntpconf = []
+        fd = open("/etc/ntp.conf", "r")
+        for line in fd:
+            opt = line.split()
+            if len(opt) < 1:
+                ntpconf.append(line)
+                continue
 
-        self.fstore.backup_file("/etc/ntp.conf")
-        self.fstore.backup_file("/etc/sysconfig/ntpd")
+            if opt[0] == "server":
+                match = False
+                for srv in srv_vals:
+                    if opt[1] == srv:
+                        match = True
+                        break
+                if match:
+                    srv_vals.remove(srv)
+                else:
+                    file_changed = True
+                    line = ""
+            elif opt[0] == "fudge":
+                if opt[0:4] == fudge[0:4]:
+                    fudge_present = True
+                else:
+                    file_changed = True
+                    line = ""
 
-        fd = open("/etc/ntp.conf", "w")
-        fd.write(ntp_conf)
+            ntpconf.append(line)
+
+        if file_changed or len(srv_vals) != 0 or not fudge_present:
+            fd = open("/etc/ntp.conf", "w")
+            for line in ntpconf:
+                fd.write(line)
+            fd.write("\n### Added by IPA Installer ###\n")
+            if len(srv_vals) != 0:
+                for srv in srv_vals:
+                    fd.write("server "+srv+"\n")
+            if not fudge_present:
+                fd.write("fudge 127.127.1.0 stratum 10\n")
+            fd.close()
+
+        #read in memory, find OPTIONS, check/change it, then overwrite file
+        file_changed = False
+        found_options = False
+        ntpdsysc = []
+        fd = open("/etc/sysconfig/ntpd", "r")
+        for line in fd:
+            sline = line.strip()
+            if sline.find("OPTIONS") == 0:
+                found_options = True
+                opts = sline.split("=", 1)
+                if len(opts) != 2:
+                    optvals=""
+                else:
+                    optvals = opts[1].strip(' "')
+                if optvals.find("-x") == -1:
+                    optvals += " -x"
+                    file_changed = True
+                if optvals.find("-g") == -1:
+                    optvals += " -g"
+                    file_changed = True
+                if file_changed:
+                    line = 'OPTIONS="'+optvals+'"\n'
+            ntpdsysc.append(line)
         fd.close()
+        if not found_options:
+            ntpdsysc.insert(0, 'OPTIONS="-x -g"\n')
+            file_changed = True
 
-        fd = open("/etc/sysconfig/ntpd", "w")
-        fd.write(ntp_sysconf)
-        fd.close()
+        if file_changed:
+            fd = open("/etc/sysconfig/ntpd", "w")
+            for line in ntpdsysc:
+                fd.write(line)
+            fd.close()
 
     def __stop(self):
         self.backup_state("running", self.is_running())