diff --git a/README.markdown b/README.markdown index 717626e5d..0aab3ad8c 100644 --- a/README.markdown +++ b/README.markdown @@ -146,6 +146,10 @@ The following parameters are available in the ntp module: **Deprecated:** This parameter determined whether the ntp module should be automatically updated to the latest version available. Replaced by `package_ensure`. +####`broadcastclient` + +Enable reception of broadcast server messages to any local interface. + ####`config` Sets the file that ntp configuration is written into. @@ -154,6 +158,11 @@ Sets the file that ntp configuration is written into. Determines which template Puppet should use for the ntp configuration. +####`disable_auth` + +Do not require cryptographic authentication for broadcast client, multicast +client and symmetric passive associations. + ####`disable_monitor` Disables monitoring of ntp. diff --git a/manifests/init.pp b/manifests/init.pp index 409a0a605..d2fca8970 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,7 +1,9 @@ class ntp ( $autoupdate = $ntp::params::autoupdate, + $broadcastclient = $ntp::params::broadcastclient, $config = $ntp::params::config, $config_template = $ntp::params::config_template, + $disable_auth = $ntp::params::disable_auth, $disable_monitor = $ntp::params::disable_monitor, $driftfile = $ntp::params::driftfile, $logfile = $ntp::params::logfile, @@ -26,8 +28,10 @@ $udlc = $ntp::params::udlc ) inherits ntp::params { + validate_bool($broadcastclient) validate_absolute_path($config) validate_string($config_template) + validate_bool($disable_auth) validate_bool($disable_monitor) validate_absolute_path($driftfile) if $logfile { validate_absolute_path($logfile) } diff --git a/manifests/params.pp b/manifests/params.pp index 550f93a40..6aeb0fe3a 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -15,6 +15,8 @@ $service_manage = true $udlc = false $interfaces = [] + $disable_auth = false + $broadcastclient = false # On virtual machines allow large clock skews. $panic = str2bool($::is_virtual) ? { diff --git a/spec/classes/ntp_spec.rb b/spec/classes/ntp_spec.rb index bffcc0318..4864e8883 100644 --- a/spec/classes/ntp_spec.rb +++ b/spec/classes/ntp_spec.rb @@ -126,6 +126,54 @@ } end end + describe 'with parameter disable_auth' do + context 'when set to true' do + let(:params) {{ + :disable_auth => true, + }} + + it 'should contain disable auth setting' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^disable auth\n/, + }) + end + end + context 'when set to false' do + let(:params) {{ + :disable_auth => false, + }} + + it 'should not contain disable auth setting' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^disable auth\n/, + }) + end + end + end + describe 'with parameter broadcastclient' do + context 'when set to true' do + let(:params) {{ + :broadcastclient => true, + }} + + it 'should contain broadcastclient setting' do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^broadcastclient\n/, + }) + end + end + context 'when set to false' do + let(:params) {{ + :broadcastclient => false, + }} + + it 'should not contain broadcastclient setting' do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^broadcastclient\n/, + }) + end + end + end describe "ntp::install on #{system}" do let(:params) {{ :package_ensure => 'present', :package_name => ['ntp'], :package_manage => true, }} diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index f813e6007..b736b2270 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -9,6 +9,9 @@ tinker panic 0 <% if @disable_monitor == true -%> disable monitor <% end -%> +<% if @disable_auth == true -%> +disable auth +<% end -%> <% if @restrict != [] -%> # Permit time synchronization with our time source, but do not @@ -27,6 +30,10 @@ interface listen <%= interface %> <% end -%> <% end -%> +<% if @broadcastclient == true -%> +broadcastclient +<% end -%> + <% [@servers].flatten.each do |server| -%> server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %> <% end -%>