Bug 118873 - Init script improperly parses config for servers and peers
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: ntp
Version: 9
Hardware: i386 Linux
Priority: medium, Severity: medium
Assigned To: Harald Hoyer
Brian Brock
http://gpl.datility.net/jrk/bugs/0403...
Reported: 2004-03-21 23:15 EST by Jason Klein
Modified: 2007-04-18 13:04 EDT (History)
Doc Type: Bug Fix
Last Closed: 2004-04-21 09:43:28 EDT


Attachments:
Patch for NTP init script with revised sed commands (824 bytes, patch), 2004-03-21 23:20 EST, Jason Klein

Description Jason Klein 2004-03-21 23:15:54 EST
Description of problem:

The NTP init script attempts to determine NTP servers and NTP peers 
so that it can add/remove necessary iptables rulesets.

The NTP init script assumes that the servers and peers will be 
specified in the ntp.conf file as follows:

peer [ HostAddress ]
server [ HostAddress ]

However, the actual syntax for "peer" and "server" configuration 
lines within ntp.conf allows for numerous configuration options.  The 
init script fails when other options are present.

peer [ HostAddress ] [ key Number ] [ version Number ] [ prefer ]
server [ HostAddress ] [ key Number ] [ version Number ] [ prefer ] [ mode Number ]


HOW TO REPRODUCE BUG:

If your ntp.conf file begins with the lines below, the init script 
will not produce any errors.

server ntp1.example.org
server ntp2.example.org
peer ntp3.example.org
peer ntp4.example.org

If your ntp.conf file begins with the lines below, the init script 
will FAIL.  The lines below include valid syntax that is not properly 
handled by the NTP init script.

server ntp1.example.org prefer
server ntp2.example.org
peer ntp3.example.org key 12345 prefer
peer ntp4.example.org key 12345


EXPLANATION OF BUG:

The ntp init script is trying to pass the entire string 
after "server" or "peer" to an iptables command.  The iptables 
command fails when the additional parameters such as "prefer" are 
present.

HOW TO FIX BUG:

Replace the broken "sed" scripts with scripts that only grab the 
hostname or IP address from the "server" or "peer" configuration 
lines in the ntp.conf file.  The attached diff file 
for "/etc/rc.d/init.d/ntpd" includes my working sed scripts.  The 
diff file is also available at the URL provided.

These scripts ONLY retrieve the hostname (or IP address) specified 
immediately after "server" or "peer" and do not retrieve any other 
options listed after the hostname (or IP address).



Version-Release number of selected component (if applicable):
ntp-4.1.2-0.rc1.2

How reproducible:
Every Time

Steps to Reproduce:
1. Add "server ntp1.example.org prefer" to first line of ntp.conf
2. Run command "service ntpd restart"
3. See iptables related error.  See Additional Information below.

Actual results:
An iptables error occurs.  See Additional Information below.

Expected results:
An iptables error should not occur.  Apply the attached diff file 
with my working sed scripts to "/etc/rc.d/init.d/ntpd" file and you 
will see the expected output as shown in Additional Information.


Additional info:

ERROR OUTPUT/MESSAGES:

[root@dev3 init.d]# service ntpd restart
ntpd: Removing firewall opening for ntp1.example.org port 1[  OK  ]
ntpd: Removing firewall opening for prefer port 123
iptables v1.2.7a: host/network `prefer' not found
Try `iptables -h' or 'iptables --help' for more information.
                                                           [FAILED]
ntpd: Removing firewall opening for ntp2.example.org port 1[  OK  ]
Shutting down ntpd:                                        [  OK  ]
ntpd: Opening firewall for input from ntp1.example.org port[  OK  ]
ntpd: Opening firewall for input from prefer port 123
iptables v1.2.7a: host/network `prefer' not found
Try `iptables -h' or 'iptables --help' for more information.
                                                           [FAILED]
ntpd: Opening firewall for input from ntp2.example.org port[  OK  ]
Starting ntpd:                                             [  OK  ]


EXPECTED OUTPUT/MESSAGES:

[root@dev3 init.d]# service ntpd restart
ntpd: Removing firewall opening for ntp1.example.org port 1[  OK  ]
ntpd: Removing firewall opening for ntp2.example.org port 1[  OK  ]
Shutting down ntpd:                                        [  OK  ]
ntpd: Opening firewall for input from ntp1.example.org port[  OK  ]
ntpd: Opening firewall for input from ntp2.example.org port[  OK  ]
Starting ntpd:                                             [  OK  ]
Comment 1 Jason Klein 2004-03-21 23:20:54 EST
Created attachment 98743
Patch for NTP init script with revised sed commands

Patch for NTP init script "/etc/rc.d/init.d/ntpd".  Revised sed commands
correctly parse the NTP config file "ntp.conf" for servers and peers.  Patch
resolves iptables related errors that occur when options other than hostname or
IP address are present on server or peer configuration lines.  See RH Bugzilla
# 118873 for more information.
Comment 2 Harald Hoyer 2004-04-21 09:43:28 EDT
timeservers=`/bin/awk '$1=="peer"||$1=="server"{print $2}' $ntpconf`

seems to work
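
The parsing discussed in this bug, as an added example that is not part of the thread or of the Red Hat init script: it contrasts the reported behaviour (every word after the keyword treated as a host) with the second-field extraction from Comment 2, then adds a validation step before anything would reach iptables. The function names, the sample ntp.conf, the validation rules and the printed iptables rule are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample ntp.conf: the lines from the report plus edge cases.
sample_conf() {
cat <<'EOF'
# server commented.example.org
server ntp1.example.org prefer
server ntp2.example.org
  peer ntp3.example.org key 12345 prefer
peer    ntp4.example.org key 12345
server 127.127.1.0
server -bad.example.org
server
restrict default ignore
EOF
}

# Behaviour described in the report: every word after the keyword is
# treated as a host, so "prefer", "key" and "12345" reach iptables.
all_tokens_after_keyword() {
    awk '$1 == "peer" || $1 == "server" { for (i = 2; i <= NF; i++) print $i }'
}

# Approach from Comment 2: only the second field of server/peer lines.
second_field_only() {
    awk '$1 == "peer" || $1 == "server" { print $2 }'
}

# Extra guard (assumption of this example): pass on only tokens that look
# like a hostname or address, so config text cannot become an iptables option.
valid_hosts() {
    second_field_only | while read -r host; do
        case $host in
            ''|-*|*[!A-Za-z0-9.:_-]*) continue ;;  # empty, option-like, odd chars
            127.127.*) continue ;;                 # ntpd reference-clock pseudo-address
        esac
        printf '%s\n' "$host"
    done
}

# Illustrative rule, printed rather than executed.
sample_conf | valid_hosts | while read -r host; do
    echo "iptables -I INPUT -s $host -p udp --sport 123 -j ACCEPT"
done
```

Piping the same sample through `all_tokens_after_keyword` shows the stray `prefer`, `key` and `12345` tokens behind the "host/network `prefer' not found" error above.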
