written by Peter van der Walt for www.netcb.com
Web Interface for eDirectory TimeSync Checks and attempted Repairs for Linux Servers.
How the application works
- It runs ndsrepair -T to get a eDirectory TimeSync report in /timesync.log
- The PHP interface starts by using Grep to identify Linux servers in the timesync.log that’s out of sync
- The PHP interface generates a Table of the servers out of sync, and in sync
- All actions are posted to PHP or Bash scripts (i.e. Generate TimeSync report, Restart NDS and Fix Time). The results of Generate and Restart refreshes the page and diplays the results in the header as the information in timesync.log can be changed by running these commands. The Fix is run without refreshing the page, instead results are displayed in a status bar at the bottom of the screen. This is because even though time is/is not fixed, you first need to run a Generate new TimeSync report to get this information validated. Not refreshing saves time: as soon as the result is updated in the status bar, you can immediately click Fix for the next server. As soon as you have gone through the list, you can validate the results by Generating a new TimeSync Report
- Fixing NTP only works if NTP is properly configured, but for instance the drift is too big therefore NTP is not adjusting the time, or for some other reason – manually setting the time then restarting ntpd is required – this fixes NTP issues 95% of the time on Linux
1. This web interface was only tested on Firefox
2. Server requirements:
2.1 Server must be in the Tree.
2.2 This server’s time must be in sync with the time sources used on all the other servers
2.3 NTP must be properly configured prior to using this tool. i.e. a proper ntp.conf, ntpd running, etc
2.4 Server must have Apache2 and PHP5. To install: ‘zypper in apache2 php5 apache2-mod_php5′
2.5 Paths are for Novell SuSE Linux Enterprise 10 SP3 with OES2 SP2a – if you need to modify, modify references in index.php, timesync.php and the script files in /usr/scripts.
2.6 Install the ‘expect’ shell: zypper in expect – this is required for the Automated fixing of time. It is not part of a Default OES install
How to Install:
- Edit /etc/sudoers as reflected in the sample sudoers file in the /etc folder on the installationThe purpose of this step is to allow the Apache daemon to execute the scripts in /usr/scripts as well as ndsrepair (to generate Timesync report) and the cat, touch, ls commands. These bash executables are called from the PHP code
- Copy the /usr/scripts into the filesystem. Make sure that wwwrun:www has permissions to access and execute the filesThese are the bash scripts called by the PHP program – to execute certain core parts of the Time Synchronisation interface.
NB: See next note about password CSV file.
- Using the sample passwd.csv file, construct a list of server names (NCP server names as will be reported in NDSRepair) and their respective root passwords. These passwords will be used when fixing NTP bu using SSH to the server to execute a date -s command with the correct date of the server the Web Interface is running from, then restarting the xntpd daemon. It follows these up, by running ntptime to confirm of NTP is now working properly.The format of this CSV must be servername|password, not separated with Commas, instead seperated by a “|”.
You could also leave this blank, as the interface allows you to insert a password manually. When I developed this, I added the password lookup as this particular scenario had several password and I was not planning on memorising which password goes with which server.
Please note that this is the first public release. There may still be a bug or two.