Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-85079

rhel-system-roles.timesync doesn't work when IPv6 is disabled in environment

Linking RHIVOS CVEs to...Migration: Automation ...XMLWordPrintable

    • rhel-sst-system-roles
    • 0
    • Dev ack
    • False
    • Yes
    • Red Hat Enterprise Linux
    • None
    • Unspecified Release Note Type - Unknown
    • Hide
      Feature: Add support for timesync_ntp_ip_family to allow setting the `-4`
      or `-6` OPTIONS in the chronyd or ntpd sysconfig file.

      Reason: When IPv6 is disabled on the node, you must tell chronyd to
      only listen for IPv4 using OPTIONS="-4" in the sysconfig file.
      Otherwise, chronyd will log error messages when binding to IPv6 sockets
      It's also useful to prevent the client from using IPv6 servers when IPv4
      is known to work better (e.g. IPv6 over a tunnel).

      Result: chronyd and ntpd can be configured to work correctly, and
      the services will not log errors, when IPv6 (or IPv4) is disabled
      on the node.

      Signed-off-by: Rich Megginson <[email protected]>
      Show
      Feature: Add support for timesync_ntp_ip_family to allow setting the `-4` or `-6` OPTIONS in the chronyd or ntpd sysconfig file. Reason: When IPv6 is disabled on the node, you must tell chronyd to only listen for IPv4 using OPTIONS="-4" in the sysconfig file. Otherwise, chronyd will log error messages when binding to IPv6 sockets It's also useful to prevent the client from using IPv6 servers when IPv4 is known to work better (e.g. IPv6 over a tunnel). Result: chronyd and ntpd can be configured to work correctly, and the services will not log errors, when IPv6 (or IPv4) is disabled on the node. Signed-off-by: Rich Megginson < [email protected] >
    • Proposed
    • None

      When the IPv6 is disabled on the node, we generally add the below in /etc/sysconfig/chronyd for the chronyd to work with IPv4.

      OPTIONS="-4"

      While we are using the rhel-system-roles.timesync role for the timesync purpose on the managed node, we do not have an option to mention OPTION="-4" 

      Unfortunately, the template used for this (templates/chronyd.sysconfig.j2) hardcodes the "OPTIONS" parameter to remain empty.

      We will need either one of the option to be added:
      1. Add a setting to the timesync role to disable IPv6.
      2. Add a parameter so I can set the "OPTIONS" parameter myself via a default value.
       

       

              rhn-support-mlichvar Miroslav Lichvar
              rhn-support-mramesh Manasa Ramesh
              Richard Megginson Richard Megginson
              David Jez David Jez
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: