1057236 – "-u ntp:ntp" in ntpd.service file breaks ipa-client-install

Bug 1057236 - "-u ntp:ntp" in ntpd.service file breaks ipa-client-install

Summary: "-u ntp:ntp" in ntpd.service file breaks ipa-client-install

Keywords:
Status:	CLOSED DUPLICATE of bug 1049322
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeipa
Sub Component:
Version:	20
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Rob Crittenden
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-01-23 17:00 UTC by Marius Vollmer
Modified:	2014-01-23 18:02 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-01-23 18:02:18 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Marius Vollmer 2014-01-23 17:00:14 UTC

Description of problem:

Running ipa-client-install creates a /etc/sysconfig/ntpd file that causes "systemctl start ntpd.service" to fail.  Both /etc/sysconfig/ntpd and ntpd.service add a "-u" option to the ntpd invocation, but the daemon tolerates only one.

This could be fixed in either FreeIPA or ntp, but I have a hunch that a change in ntp broke this, so I start here.

Version-Release number of selected component (if applicable):

ntp-4.2.6p5-18.fc20.x86_64
freeipa-client-3.3.3-2.fc20.x86_64

How reproducible:

Always

Steps to Reproduce:

[ I don't think you need to actually do this.  See below. ]

0. Setup FreeIPA
1. Join a client to it with realmd.

Actual results:

Realmd runs 

    /usr/sbin/ipa-client-install --domain cockpit.lan --realm COCKPIT.LAN --mkhomedir --enable-dns-updates --unattended --force-join --principal admin -W --force-ntpd

This in turn modifies /etc/sysconfig/ntpd like this:

    # Drop root to id 'ntp:ntp' by default.
    OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"

    # Set to 'yes' to sync hw clock after successful ntpdate
    SYNC_HWCLOCK=yes

    # Additional options for ntpdate
    NTPDATE_OPTIONS=""

and then executes "systemctl restart ntpd.service".  This results in:

    ntpd error:  only one user option allowed
    ntpd - NTP daemon program - Ver. 4.2.6p5
    Usage:  ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
    Try 'ntpd --help' for more information.
    exit 1

because ntpd.service has this in it:

    EnvironmentFile=-/etc/sysconfig/ntpd
    ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS

Thus, the final ntpd command line is

    /usr/sbin/ntpd -u ntp:ntp -x -u ntp:ntp -p /var/run/ntpd.pid

And ntpd fails as shown.

Comment 1 Miroslav Lichvar 2014-01-23 17:40:09 UTC

There was a patch in ntp allowing two -u option and it was recently removed

https://bugzilla.redhat.com/show_bug.cgi?id=639101#c13

This looks similar to bug #1049322.

Comment 2 Marius Vollmer 2014-01-23 18:02:18 UTC

(In reply to Miroslav Lichvar from comment #1)
> There was a patch in ntp allowing two -u option and it was recently removed
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=639101#c13
> 
> This looks similar to bug #1049322.

Yes, exactly the same.  Sorry for the noise.

*** This bug has been marked as a duplicate of bug 1049322 ***

Note You need to log in before you can comment on or make changes to this bug.