From 84395ae7f8da9e3d532e0cf1dc085b745ffda80f Mon Sep 17 00:00:00 2001
From: Chris Coley <chris@codingallnight.com>
Date: Mon, 14 Jan 2019 14:53:08 -0800
Subject: [PATCH] Fix an issue where a default restrict rule for pools only
 works on NTP v4.2.7p22 or later

---
 tasks/main.yaml       | 9 +++++++++
 templates/ntp.conf.j2 | 2 ++
 2 files changed, 11 insertions(+)

diff --git a/tasks/main.yaml b/tasks/main.yaml
index 2cb78c2..c3c6348 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -29,6 +29,15 @@
   register: _ntp__installed
   become: true
 
+- name: Get version of the installed NTP package
+  shell: "ntpd --version 2>&1 | head -n 1 | cut -d' ' -f2 | cut -d'@' -f1"
+  register: _ntp__version
+  changed_when: false
+- set_fact:
+    _ntp__version: '{{ _ntp__version.stdout }}'
+#- debug:
+#    var: _ntp__version
+
 - name: Generate the NTP configuration file
   template:
     src: '{{ role_path }}/templates/ntp.conf.j2'
diff --git a/templates/ntp.conf.j2 b/templates/ntp.conf.j2
index 6472150..5bb6494 100644
--- a/templates/ntp.conf.j2
+++ b/templates/ntp.conf.j2
@@ -31,8 +31,10 @@ restrict -6 default ignore
 restrict {{ restriction }}
 {% endfor %}
 
+{% if _ntp__version is version_compare('4.2.7p22', '>=') %}
 # Needed for adding pool entries
 restrict source notrap nomodify noquery
+{% endif %}
 
 # Add the ntp servers. You generally don't need these if you're using a pool.
 # server 0.pool.ntp.org iburst
-- 
GitLab