Bug 1456863 - freeipa depends on ntp
Summary: freeipa depends on ntp
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: freeipa
Version: 28
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: IPA Maintainers
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1496686 1530962
TreeView+ depends on / blocked
 
Reported: 2017-05-30 14:46 UTC by Miroslav Lichvar
Modified: 2019-05-07 12:38 UTC (History)
10 users (show)

Fixed In Version:
Clone Of:
: 1530962 (view as bug list)
Environment:
Last Closed: 2019-05-07 12:38:57 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1463835 0 unspecified CLOSED why the ntp package is being installed as dependency if it isn't needed specifically. 2021-09-09 12:22:34 UTC

Internal Links: 1463835

Description Miroslav Lichvar 2017-05-30 14:46:35 UTC 
Description of problem:

In Fedora we have two NTP implementation: ntp and chrony. Currently, chrony is preferred for both NTP clients and servers. freeipa includes support for ntp in the ipa-{server,client}-install scripts and installs ntp as a dependency. There is no support for chrony.

If there is interest I can try to implement the support in the scripts.

However, as I understand it, the long-term goal in freeipa is to remove all NTP-specific configuration and rely on other tools for that. If it removes the dependency on ntp, that will work too.
Comment 2 Alexander Bokovoy 2017-05-30 14:55:58 UTC 
You are welcome to contribute chrony support. I don't think we'll end up removing completely NTP support from installers, rather make sure you can install without NTP implementation being configured by default. The latter is already possible with -N option to ipa-server-install.

Yet, I think there is a value in having NTP implementation configured during install too, so having the ability to choose ntp or chrony is good.
Comment 3 Jan Pazdziora (Red Hat) 2017-06-06 13:34:22 UTC 
Miroslav, would it be possible to have some helper script which would configure either of the implementations and do the right thing, without including the specifics in the FreeIPA installer itself?
Comment 4 Miroslav Lichvar 2017-06-06 15:56:48 UTC 
That is certainly possible. The question is where would be the script packaged and if/how should be supported other distributions than Fedora/RHEL.

The chrony-helper script in the chrony package can configure chronyd with NTP servers and also DNS SRV records. To be useful for FreeIPA I guess it just needs a new command to enable/disable chronyd as an NTP server.

A similar script could be provided in the ntp package, or one script could handle both, but it would probably require a separate package.

I can also write an ansible role that would do all of this. Would it be ok for freeipa to depend on ansible?
Comment 5 Petr Vobornik 2017-06-06 16:04:22 UTC 
Possibility of depending on Ansible is being investigated - might not work well with other distros or it might be too much for ipa-client. So I cannot say yes or no atm.
Comment 6 Alexander Bokovoy 2017-06-06 16:07:24 UTC 
It is better to not assume ansible is available everywhere. I think we can abstract out calling to your scripts on FreeIPA side and having a script in the chrony package is already a big benefit.
Comment 7 Petr Vobornik 2017-06-16 15:25:44 UTC 
Upstream ticket:
https://pagure.io/freeipa/issue/7024
Comment 8 Jan Kurik 2017-08-15 07:14:44 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 27 development cycle.
Changing version to '27'.
Comment 9 Fedora End Of Life 2018-02-20 15:22:19 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.
Comment 10 Rob Crittenden 2018-07-26 02:38:30 UTC 
Fixed upstream.

master:

    bfb544a Removes ntp from dependencies and behave as there is always -N option
    0090a90 Add dependency and paths for chrony
    ca9c4d7 Replace ntpd with chronyd in installation
    fb28dff FreeIPA server is time synchronization client only
    194518f Add --ntp-pool option to installers
    5d9c749 Adding method to ipa-server-upgrade to cleanup ntpd
    333acf1 Update man pages for FreeIPA client, replica and server install
    ece56ea Removes NTP server role from servroles and description
    dba87a4 Remove NTP server role while upgrading
    74c2b46 Remove unnecessary option --force-chrony
    878cbaa Add enabling chrony daemon when not configured
    e279d89 Configure chrony with pool when server not set

Will come into Fedora as part of 4.7.0 rebase.
Comment 11 Ben Cotton 2019-05-02 19:51:49 UTC 
This message is a reminder that Fedora 28 is nearing its end of life.
On 2019-May-28 Fedora will stop maintaining and issuing updates for
Fedora 28. It is Fedora's policy to close all bug reports from releases
that are no longer maintained. At that time this bug will be closed as
EOL if it remains open with a Fedora 'version' of '28'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 28 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 12 Jan Pazdziora (Red Hat) 2019-05-07 11:36:45 UTC 
I see freeipa-server-4.7.2-1.1.fc28 in Fedora 28. Should this be closed with CURRENTRELEASE?
Note You need to log in before you can comment on or make changes to this bug.