From 603c9ab50f7ec7f54e84977b35ca212e5d2ca90c Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Thu, 15 Jun 2023 16:17:04 +0200 Subject: [PATCH 1/2] fix(suse): remove files in chrony.d Remove files from chrony.d to avoid unmanaged configuration options. Signed-off-by: Georg Pfuetzenreuter --- chrony/config/file.sls | 9 +++++++++ chrony/defaults.yaml | 1 + chrony/osfamilymap.yaml | 3 +++ test/integration/default/controls/config_spec.rb | 11 +++++++++++ 4 files changed, 24 insertions(+) diff --git a/chrony/config/file.sls b/chrony/config/file.sls index 078f607..39cf768 100644 --- a/chrony/config/file.sls +++ b/chrony/config/file.sls @@ -10,6 +10,15 @@ include: - {{ sls_package_install }} +{%- if chrony.confd is string %} +chrony-config-conf.d: + file.directory: + - name: {{ chrony.confd }} + - clean: True + - require: + - sls: {{ sls_package_install }} +{%- endif %} + chrony-config-file-file-managed: file.managed: - name: {{ chrony.config }} diff --git a/chrony/defaults.yaml b/chrony/defaults.yaml index 41313e4..5ba51d3 100644 --- a/chrony/defaults.yaml +++ b/chrony/defaults.yaml @@ -6,6 +6,7 @@ chrony: service: name: chronyd config: /etc/chrony.conf + confd: false ntpservers: - '0.us.pool.ntp.org' - '1.us.pool.ntp.org' diff --git a/chrony/osfamilymap.yaml b/chrony/osfamilymap.yaml index 7be2681..6ce1eed 100644 --- a/chrony/osfamilymap.yaml +++ b/chrony/osfamilymap.yaml @@ -60,6 +60,9 @@ openSUSE: - 'maxdistance 6' - 'logchange 0.1' +Suse: + confd: /etc/chrony.d + Gentoo: package: net-misc/chrony config: /etc/chrony/chrony.conf diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb index eae165e..2d97663 100644 --- a/test/integration/default/controls/config_spec.rb +++ b/test/integration/default/controls/config_spec.rb @@ -4,6 +4,7 @@ keyfile = 'keyfile ' driftfile = '/var/lib/chrony/' logdir = 'logdir /var/log/chrony' +confd = nil case platform[:name] when 'debian', 'ubuntu' config_file = '/etc/chrony/chrony.conf' @@ -13,6 +14,11 @@ config_file = '/etc/chrony/chrony.conf' keyfile += '/etc/chrony.keys' driftfile += 'drift' +when 'suse' + config_file = '/etc/chrony.conf' + keyfile += '/etc/chrony.keys' + driftfile += 'drift' + confd = '/etc/chrony.d' else config_file = '/etc/chrony.conf' keyfile += '/etc/chrony.keys' @@ -35,4 +41,9 @@ its('content') { should include 'pool 0.debian.pool.ntp.org iburst' } its('content') { should include 'pool 1.centos.pool.ntp.org' } end + if !confd.nil? + describe directory(confd) do + its('size') { should be 0 } + end + end end From 14939e416d7d8ae7da474bb2ce32ff5f834d7d47 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 6 Oct 2024 21:24:29 +0200 Subject: [PATCH 2/2] fix(suse): preserve pool.conf The file is managed by RPM - if purging is enabled, idempotency would break after package updates place the Salt removed file back. Hence exclude this file by managing it if it exists. In the default formula configuration it is not included anyways. Signed-off-by: Georg Pfuetzenreuter --- chrony/config/file.sls | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/chrony/config/file.sls b/chrony/config/file.sls index 39cf768..b0ffaaa 100644 --- a/chrony/config/file.sls +++ b/chrony/config/file.sls @@ -17,6 +17,8 @@ chrony-config-conf.d: - clean: True - require: - sls: {{ sls_package_install }} + - file: chrony-config-file-file-managed + - file: chrony-config-file-pool-file-managed {%- endif %} chrony-config-file-file-managed: @@ -34,3 +36,11 @@ chrony-config-file-file-managed: chrony: {{ chrony|json }} - require: - sls: {{ sls_package_install }} + +chrony-config-file-pool-file-managed: + file.managed: + - name: {{ chrony.confd }}/pool.conf + - create: False + - replace: False + - require: + - sls: {{ sls_package_install }}