Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate ntp paths #25

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Validate ntp paths #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
ce43b6c
Updated boolean types and validated some PATHs
nalyanyam Aug 22, 2013
eae797a
clean-up - only checked paths
nalyanyam Aug 22, 2013
b8f00cd
Removed space
nalyanyam Aug 22, 2013
5ad1cb1
Updates to template files & init.pp
nalyanyam Aug 23, 2013
7807614
Updated ntp.conf template & cleaned up
nalyanyam Aug 23, 2013
9791e96
Added check for ntp_key
nalyanyam Aug 23, 2013
4a30314
Deleted space
nalyanyam Aug 23, 2013
3c0a9de
Updated ntp.conf.erb template
nalyanyam Aug 26, 2013
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 15 additions & 4 deletions manifests/init.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
$service_name = 'USE_DEFAULTS',
$config_file = 'USE_DEFAULTS',
$driftfile = 'USE_DEFAULTS',
$ntp_key_enable = 'USE_DEFAULTS',
$service_running = true,
$service_hasstatus = true,
$service_hasrestart = true,
Expand Down Expand Up @@ -105,6 +106,7 @@
$default_service_name = 'ntp'
$default_config_file = '/etc/ntp.conf'
$default_driftfile = '/var/lib/ntp/ntp.drift'
$default_ntp_key_enable = true

# Verified that Ubuntu does not use /etc/ntp/step-tickers by default.
if $::operatingsystem == 'Ubuntu' {
Expand All @@ -122,6 +124,7 @@
$default_config_file = '/etc/ntp.conf'
$default_driftfile = '/var/lib/ntp/ntp.drift'
$step_tickers_enable = true
$default_ntp_key_enable = true
}
'suse': {
$default_package_noop = false
Expand All @@ -130,7 +133,8 @@
$default_service_name = 'ntp'
$default_config_file = '/etc/ntp.conf'
$default_driftfile = '/var/lib/ntp/ntp.drift'
$step_tickers_enable = true
$step_tickers_enable = false
$default_ntp_key_enable = false

case $::lsbmajdistrelease {
'9','10': {
Expand All @@ -147,7 +151,7 @@
'solaris': {
case $::kernelrelease {
'5.9','5.10': {
$default_package_name = [ 'SUNWntp4r', 'SUNWntp4u' ]
$default_package_name = [ 'SUNWntpr', 'SUNWntpu' ]
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solaris package array still fails. But no showstopper, since these are mainly packages that come with the default installation , so in hiera - single package check will be enough.
However, It would be good to know why the array fails - only on Solaris but not on Linux. Anything to do with versions, puppet - facter etc?

}
'5.11': {
$default_package_name = [ 'network/ntp' ]
Expand All @@ -159,10 +163,11 @@
$default_package_noop = true
$default_package_source = '/var/spool/pkg'
$default_package_adminfile = '/var/sadm/install/admin/puppet-ntp'
$default_service_name = 'ntp4'
$default_service_name = 'ntp'
$default_config_file = '/etc/inet/ntp.conf'
$default_driftfile = '/var/ntp/ntp.drift'
$step_tickers_enable = false
$default_ntp_key_enable = true
}
default: {
fail("The ntp module is supported by OS Families Debian, Redhat, Suse, and Solaris. Your operatingsystem, ${::operatingsystem}, is part of the osfamily, ${::osfamily}")
Expand Down Expand Up @@ -235,6 +240,12 @@
$step_tickers_ensure_real = $step_tickers_ensure
}

if $ntp_key_enable == 'USE_DEFAULTS' {
$ntp_key_enable_real = $default_ntp_key_enable
} else {
$ntp_key_enable_real = $ntp_key_enable
}

# validate $my_enable_stats - must be true or false
case $my_enable_stats {
true,false: {
Expand All @@ -253,7 +264,7 @@
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///files/ntp/admin_file',
content => template('ntp/admin_file.erb'),
}
}

Expand Down
17 changes: 4 additions & 13 deletions spec/classes/init_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -194,7 +194,7 @@
it {
should contain_service('ntp_service').with({
'ensure' => 'running',
'name' => 'ntp4',
'name' => 'ntp',
'enable' => 'true',
})
}
Expand Down Expand Up @@ -234,11 +234,8 @@

it {
should contain_file('step-tickers').with({
'ensure' => 'present',
'ensure' => 'absent',
'path' => '/etc/ntp/step-tickers',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
})
should contain_file('ntp_conf').with_content(/server 0.us.pool.ntp.org\nserver 1.us.pool.ntp.org\nserver 2.us.pool.ntp.org/)
}
Expand Down Expand Up @@ -286,11 +283,8 @@

it {
should contain_file('step-tickers').with({
'ensure' => 'present',
'ensure' => 'absent',
'path' => '/etc/ntp/step-tickers',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
})
should contain_file('ntp_conf').with_content(/server 0.us.pool.ntp.org\nserver 1.us.pool.ntp.org\nserver 2.us.pool.ntp.org/)
}
Expand Down Expand Up @@ -338,11 +332,8 @@

it {
should contain_file('step-tickers').with({
'ensure' => 'present',
'ensure' => 'absent',
'path' => '/etc/ntp/step-tickers',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
})
should contain_file('ntp_conf').with_content(/server 0.us.pool.ntp.org\nserver 1.us.pool.ntp.org\nserver 2.us.pool.ntp.org/)
}
Expand Down
14 changes: 14 additions & 0 deletions templates/admin_file.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
instance=overwrite
partial=nocheck
runlevel=nocheck
idepend=nocheck
rdepend=nocheck
space=nocheck
setuid=nocheck
conflict=nocheck
action=nocheck
networktimeout=60
networkretries=3
authentication=quit
keystore=/var/sadm/security
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this a solaris default or an Ericsson specifc thing?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not real an Ericsson specific thing - but Solaris default, The default admin file = /var/sadm/install/admin/default also lists keystore=/var/sadm/security as the keystore directory - however, the default admin file causes interactive installation.

ref:
http://docs.oracle.com/cd/E19082-01/819-2379/swmgrpkgs-19113/index.html

basedir=default
10 changes: 10 additions & 0 deletions templates/ntp.conf.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,17 @@ fudge 127.127.1.0 stratum <%= @fudge_stratum %>

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.

<% if @ntp_key_enable_real == 'true' -%>
<% if @operatingsystem !~ /SLE[DS]/ %>
# ntp keys are enabled
keys /etc/ntp/keys
<% else %>
# ntp keydir keyword in ntp.conf causes an error, modification is necessary
# enable ntp_key in SuSE when errors have been fixed.
keys /etc/ntp.keys
<% end %>
<% end -%>

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
Expand Down