Hello.
I have several suggestions:
1) make an optional requires of server/client packages to ntpd, because
last could conflict with another NTP server/client (based to platform);
2) make an abstract NTP module to easy change basic operations (like
read/write configuration, time sync);
3) based on above each Linux distribution team can contribute easily
(e.g. from ALTLinux - openntpd ;-) );
4) Of course manual steps(not by installers) are error
prone(misconfiguration, wrong configuration, etc.).
But IPA controls NTP configuration upon installation only (not at
runtime or start time) as far as i know.
May be add time syncing check?
Thank you.
29.01.2018 17:57, Tibor Dudlák via FreeIPA-devel пишет:
On Mon, Jan 29, 2018 at 3:09 PM, Simo Sorce <ssorce(a)redhat.com
<mailto:ssorce@redhat.com>> wrote:
On Mon, 2018-01-29 at 14:54 +0100, Tibor Dudlák wrote:
[...]
> > > > So given the above we initially decided to make IPA
servers also ntp
> > > > servers and configure client to use IPA server as time
sources.
>
> Not configuring NTP service but still requiting it might be way
to give
> freedom of choice to IPA administrator to set one they prefer before
> installing IPA. :)
I think this is the worst of the possible outcomes, as now you need to
add one more manual step to the configuration of the system.
The point of ipa-server-install is to simplify installation and
configure everything that is *required* except the Operating System.
Requiring something and not installing it would be a net regression.
[...]
> So should we only replace ntpd with chronyd and have option to not
> configure NTP service (chronyd) as it is now if administrator
wants to use
> other than chronyd?
This is certainly an option, but we would then require to have
code for
both ntpd and chronyd upstream, because some older distros use NTP.
Not that this is too difficult, we already have the platform
absraction, so it is a simply a matter of adding chronyd w/o removing
ntpd.
HTH,
Simo.
Thanks for input Simo.
--
Tibor Dudlák
Identity management - freeIPA
Brno, TPB-C, 2C407
Red Hat
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-leave(a)lists.fedorahosted.org