Bug 1331655

Summary: [RFE] Provide an API or tool to query and set NTP servers
Product: Red Hat Enterprise Linux 7 Reporter: Stef Walter <stefw>
Component: chronyAssignee: Miroslav Lichvar <mlichvar>
Status: CLOSED ERRATA QA Contact: Jakub Prokes <jprokes>
Severity: unspecified Docs Contact:
Priority: high    
Version: 7.3CC: fdeutsch, jprokes, jscotka, mvollmer, thozza
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: chrony-2.1.1-2.el7 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-04 06:09:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1329957, 1330465    
Attachments:
Description Flags
Proposed chrony helper
none
Proposed chrony helper (version 2) none

Description Stef Walter 2016-04-29 07:29:50 UTC 
RHEV-H and Cockpit would like to query and set the NTP servers for chronyd programatically. An API (DBus or command line tool), or drop in file directory is necessary to make this happen.
Comment 1 Stef Walter 2016-04-29 07:31:35 UTC 
RHEV-H has a augeas based code to accomplish this. It could provide a starting point for such a tool.

Fabian, do you have pointers to the augeas code?
Comment 2 Fabian Deutsch 2016-04-29 08:06:41 UTC 
Sure, but as said, this is just for the "old" ntp daemon, not for chrony:

https://gerrit.ovirt.org/gitweb?p=ovirt-node.git;a=blob;f=src/ovirt/node/config/network.py;h=a2e35a561f721869ca085515ed73304a73fb7e8f;hb=HEAD#l218

Code:

 218 def timeservers(new_servers=None):
 219     """Get or set timeservers in the config files
 220     """
 221     augpath = "/files/etc/ntp.conf/server"
 222     return _aug_get_or_set(augpath, new_servers)
Comment 3 Miroslav Lichvar 2016-04-29 09:33:59 UTC 
(In reply to Fabian Deutsch from comment #2)
> Code:
> 
>  218 def timeservers(new_servers=None):
>  219     """Get or set timeservers in the config files
>  220     """
>  221     augpath = "/files/etc/ntp.conf/server"
>  222     return _aug_get_or_set(augpath, new_servers)

The same could probably be used for /etc/chrony.conf. The syntax of the server directive using basic options (minpoll, maxpoll, iburst) is identical. If the code replaced all instances of "ntp.conf" with "chrony.conf" and "ntpd" with "chronyd" it might work without any further changes. FWIW, system-config-date supports both ntpd and chronyd in this way.

If this functionality should be provided by the chrony package in a command-line interface, I could add new commands to the /usr/libexec/chrony-helper script. It already works with servers from DNS SRV records and DHCP.
Comment 4 Fabian Deutsch 2016-04-29 09:39:58 UTC 
Enhancing chrony-helper sounds fantastic.

It would be about adding update-servers (or add- and remove-server?) and list-servers iiuic
Comment 5 Fabian Deutsch 2016-05-06 09:17:46 UTC 
Any progress on this one?
Comment 6 Miroslav Lichvar 2016-05-06 09:33:43 UTC 
Not yet. I think for RHEL7.3 it's too late, it could be in 7.4 if chrony will get an update/testing slot. Maybe it could pass as a "fastfix" errata.

The other proposed approach with extending the timedated API was rejected? The approach with extending the chrony-helper script would certainly be easier.
Comment 7 Marius Vollmer 2016-05-06 11:00:56 UTC 
> The other proposed approach with extending the timedated API was rejected?

These are not alternatives.  I was proposing that timedated provides the system API that clients like Cockpit will use, but there probably needs to be an internal API between timedated and chrony as well to actually implement the functionality.
Comment 9 Miroslav Lichvar 2016-05-11 13:57:51 UTC 
Created attachment 1156167 [details]
Proposed chrony helper

Two new commands were added to the helper script:

list-static-sources lists all sources (pools, servers, peers, reference clocks) and their options specified in /etc/chrony.conf

set-static-sources replaces them with a new set of sources and restarts chronyd if it's running.

# /usr/libexec/chrony-helper list-static-sources
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
# /usr/libexec/chrony-helper set-static-sources "refclock SOCK /var/run/chrony.ttyS1.sock" "server 0.rhel.pool.ntp.org iburst" "server 192.168.100.1 iburst" "peer 192.168.100.2 key 12" "pool 2.rhel.pool.ntp.org iburst"
# /usr/libexec/chrony-helper list-static-sources
refclock SOCK /var/run/chrony.ttyS1.sock
server 0.rhel.pool.ntp.org iburst
server 192.168.100.1 iburst
peer 192.168.100.2 key 12
pool 2.rhel.pool.ntp.org iburst
Comment 10 Miroslav Lichvar 2016-05-16 11:01:51 UTC 
Created attachment 1157845 [details]
Proposed chrony helper (version 2)

This is a new version of the helper script, which reads sources from the standard input rather than the command line. It should be a bit more friendly to shell scripting.

It is now included in the Fedora rawhide package.
Comment 16 errata-xmlrpc 2016-11-04 06:09:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2413.html