From 9e5209d06d752a4edf5901cde5f51d108ec5c256 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: May 04 2017 11:08:43 +0000
Subject: check PEERNTP variable before loading existing dhclient files


The /etc/dhcp/dhclient.d/chrony.sh script creates files with NTP servers
from DHCP only if the PEERNTP variable is not set to "no" (e.g. in
/etc/sysconfig/network). If the variable was set after the files were
already created, the chronyd service would still use the NTP servers
until the files were removed (e.g. after network restart).

Modify the chrony-helper script to check the variable before loading
any servers from dhclient files. Setting the variable and restarting
the chronyd service should now have an immediate effect.

---

diff --git a/chrony.helper b/chrony.helper
index c150ff6..ef1a4e9 100644
--- a/chrony.helper
+++ b/chrony.helper
@@ -16,6 +16,8 @@ dhclient_servers_files=/var/lib/dhclient/chrony.servers.*
 dnssrv_servers_files=$helper_dir/dnssrv@*
 dnssrv_timer_prefix=chrony-dnssrv@
 
+. $network_sysconfig_file &> /dev/null
+
 chrony_command() {
     $chronyc -a -n -m "$1"
 }
@@ -24,9 +26,13 @@ is_running() {
     chrony_command "tracking" &> /dev/null
 }
 
+get_servers_files() {
+    [ "$PEERNTP" != "no" ] && echo "$dhclient_servers_files"
+    echo "$dnssrv_servers_files"
+}
+
 is_update_needed() {
-    for file in $dhclient_servers_files $dnssrv_servers_files \
-            $added_servers_file; do
+    for file in $(get_servers_files) $added_servers_file; do
         [ -e "$file" ] && return 0
     done
     return 1
@@ -40,8 +46,7 @@ update_daemon() {
         return 0
     fi
 
-    all_servers_with_args=$(
-        cat $dhclient_servers_files $dnssrv_servers_files 2> /dev/null)
+    all_servers_with_args=$(cat $(get_servers_files) 2> /dev/null)
 
     all_servers=$(
         echo "$all_servers_with_args" |
@@ -69,25 +74,21 @@ update_daemon() {
 }
 
 get_dnssrv_servers() {
-    local name=$1
+    local name=$1 output
 
     if ! command -v dig &> /dev/null; then
         echo "Missing dig (DNS lookup utility)" >&2
         return 1
     fi
 
-    (
-        . $network_sysconfig_file &> /dev/null
+    output=$(dig "$name" srv +short +ndots=2 +search 2> /dev/null)
+    [ $? -ne 0 ] && return 0
 
-        output=$(dig "$name" srv +short +ndots=2 +search 2> /dev/null)
-        [ $? -ne 0 ] && return 0
-
-        echo "$output" | while read prio weight port target; do
-            server=${target%.}
-            [ -z "$server" ] && continue
-            echo "$server port $port ${NTPSERVERARGS:-iburst}"
-        done
-    )
+    echo "$output" | while read prio weight port target; do
+        server=${target%.}
+        [ -z "$server" ] && continue
+        echo "$server port $port ${NTPSERVERARGS:-iburst}"
+    done
 }
 
 check_dnssrv_name() {