Merge 2f5210f362 into b96fad5e5b

plugins/modules/sysctl.py

@@ -56,6 +56,16 @@ options:
             - Verify token value with the sysctl command and set with C(-w) if necessary.
         type: bool
         default: false
+    system_wide:
+        description:
+            - If V(true), uses C(sysctl --system) behavior to reload all sysctl configuration files.
+            - This will reload configuration from C(/etc/sysctl.d/*.conf), C(/run/sysctl.d/*.conf), 
+              C(/usr/local/lib/sysctl.d/*.conf), C(/usr/lib/sysctl.d/*.conf), C(/lib/sysctl.d/*.conf),
+              and C(/etc/sysctl.conf) in that order.
+            - If V(false), only reloads the specific sysctl file defined by O(sysctl_file).
+            - Only applies when O(reload) is V(true).
+        type: bool
+        default: false
 author:
 - David CHANIAL (@davixx)
 '''
@@ -100,6 +110,14 @@ EXAMPLES = r'''
     sysctl_set: true
     state: present
     reload: true
+
+# Set vm.swappiness and reload all system sysctl configuration files (equivalent to sysctl --system)
+- ansible.posix.sysctl:
+    name: vm.swappiness
+    value: '10'
+    state: present
+    reload: true
+    system_wide: true
 '''
 
 # ==============================================================
@@ -108,6 +126,7 @@ import os
 import platform
 import re
 import tempfile
+import glob
 
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.six import string_types
@@ -121,12 +140,24 @@ class SysctlModule(object):
     # success or failure.
     LANG_ENV = {'LANG': 'C', 'LC_ALL': 'C', 'LC_MESSAGES': 'C'}
 
+    # We define a variable to keep all the directories to be read, equivalent to
+    # (/sbin/sysctl --system) option
+    SYSCTL_DIRS = [
+        '/etc/sysctl.d/*.conf',
+        '/run/sysctl.d/*.conf',
+        '/usr/local/lib/sysctl.d/*.conf',
+        '/usr/lib/sysctl.d/*.conf',
+        '/lib/sysctl.d/*.conf',
+        '/etc/sysctl.conf'
+    ]
+
     def __init__(self, module):
         self.module = module
         self.args = self.module.params
 
         self.sysctl_cmd = self.module.get_bin_path('sysctl', required=True)
         self.sysctl_file = self.args['sysctl_file']
+        self.system_wide = self.args['system_wide']
 
         self.proc_value = None  # current token value in proc fs
         self.file_value = None  # current token value in file
@@ -305,6 +336,13 @@ class SysctlModule(object):
             # so return here and do not continue to the error processing below
             # https://github.com/ansible/ansible/issues/58158
             return
+        else:
+            if self.system_wide:
+                for sysctl_file in self.SYSCTL_DIRS:
+                    for conf_file in glob.glob(sysctl_file):
+                        rc, out, err = self.module.run_command([self.sysctl_cmd, '-p', conf_file], environ_update=self.LANG_ENV)
+                        if rc != 0 or self._stderr_failed(err):
+                            self.module.fail_json(msg="Failed to reload sysctl: %s" % to_native(out) + to_native(err))
             else:
                 # system supports reloading via the -p flag to sysctl, so we'll use that
                 sysctl_args = [self.sysctl_cmd, '-p', self.sysctl_file]
@@ -401,7 +439,8 @@ def main():
             reload=dict(default=True, type='bool'),
             sysctl_set=dict(default=False, type='bool'),
             ignoreerrors=dict(default=False, type='bool'),
-            sysctl_file=dict(default='/etc/sysctl.conf', type='path')
+            sysctl_file=dict(default='/etc/sysctl.conf', type='path'),
+            system_wide=dict(default=False, type='bool'),  # system_wide parameter
         ),
         supports_check_mode=True,
         required_if=[('state', 'present', ['value'])],

tests/integration/targets/sysctl/tasks/main.yml

@@ -230,6 +230,91 @@
         that:
           - sysctl_test4 is failed
         
+      ##
+      ## sysctl --system
+      ##
+
+    - name: Set vm.swappiness to 10 with --system option
+      ansible.posix.sysctl:
+        name: vm.swappiness
+        value: 10
+        state: present
+        reload: false
+        sysctl_set: true
+        system_wide: true
+      register: sysctl_system_test1
+
+    - name: Check with sysctl command
+      ansible.builtin.command: sysctl vm.swappiness
+      changed_when: false
+      register: sysctl_check_system1
+
+    - name: Debug sysctl_system_test1 sysctl_check_system1
+      ansible.builtin.debug:
+        var: item
+        verbosity: 1
+      with_items:
+        - "{{ sysctl_system_test1 }}"
+        - "{{ sysctl_check_system1 }}"
+
+    - name: Validate results for --system option
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_test1 is changed
+          - sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]
+
+    # Test system_wide with reload=true
+    - name: Set vm.dirty_ratio to 20 with system_wide and reload=true
+      ansible.posix.sysctl:
+        name: vm.dirty_ratio
+        value: 20
+        state: present
+        reload: true
+        system_wide: true
+      register: sysctl_system_reload_test
+
+    - name: Check vm.dirty_ratio value
+      ansible.builtin.command: sysctl -n vm.dirty_ratio
+      changed_when: false
+      register: sysctl_check_dirty_ratio
+
+    - name: Validate system_wide with reload
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_reload_test is changed
+          - sysctl_check_dirty_ratio.stdout == "20"
+
+    # Test system_wide=false behavior (default)
+    - name: Create custom sysctl file for testing
+      ansible.builtin.copy:
+        content: |
+          # Custom sysctl test file
+          vm.dirty_background_ratio=5
+        dest: "{{ output_dir_test }}/custom_sysctl.conf"
+        mode: "0644"
+
+    - name: Set vm.dirty_background_ratio with system_wide=false
+      ansible.posix.sysctl:
+        name: vm.dirty_background_ratio
+        value: 10
+        state: present
+        reload: true
+        system_wide: false
+        sysctl_file: "{{ output_dir_test }}/custom_sysctl.conf"
+      register: sysctl_system_false_test
+
+    - name: Check custom sysctl file content
+      ansible.builtin.command: cat {{ output_dir_test }}/custom_sysctl.conf
+      changed_when: false
+      register: custom_sysctl_content
+
+    - name: Validate system_wide=false behavior
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_false_test is changed
+          - "'vm.dirty_background_ratio=10' in custom_sysctl_content.stdout"
+
+
 - name: Test on RHEL VMs
   when:
     - ansible_facts.virtualization_type != 'docker'
@@ -366,3 +451,36 @@
         that:
           - stat_result.stat.islnk is defined and stat_result.stat.islnk
           - stat_result.stat.lnk_source == '/tmp/ansible_sysctl_test.conf'
+    
+    # Test sysctl: --system
+    - name: Set vm.swappiness to 10 with --system option
+      ansible.posix.sysctl:
+        name: vm.swappiness
+        value: 10
+        state: present
+        reload: false
+        sysctl_set: true
+        system_wide: true
+      register: sysctl_system_test1
+
+    - name: Check with sysctl command
+      ansible.builtin.command: sysctl vm.swappiness
+      changed_when: false
+      register: sysctl_check_system1
+
+    - name: Debug sysctl_system_test1 sysctl_check_system1
+      ansible.builtin.debug:
+        var: item
+        verbosity: 1
+      with_items:
+        - "{{ sysctl_system_test1 }}"
+        - "{{ sysctl_check_system1 }}"
+
+    - name: Validate results for --system option
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_test1 is changed
+          - sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]
+
+- name: Include system_wide specific tests
+  ansible.builtin.include_tasks: system_wide_tests.yml

tests/integration/targets/sysctl/tasks/system_wide_tests.yml

@@ -0,0 +1,170 @@
+---
+# Additional tests specifically for system_wide parameter functionality
+
+- name: Test system_wide parameter comprehensive functionality
+  block:
+    # Test system_wide with reload=true
+    - name: Set vm.dirty_expire_centisecs with system_wide=true
+      ansible.posix.sysctl:
+        name: vm.dirty_expire_centisecs
+        value: 3000
+        state: present
+        reload: true
+        system_wide: true
+      register: sysctl_system_wide_reload_test
+
+    - name: Check vm.dirty_expire_centisecs value
+      ansible.builtin.command: sysctl -n vm.dirty_expire_centisecs
+      changed_when: false
+      register: sysctl_check_dirty_expire
+
+    - name: Validate system_wide with reload=true
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_wide_reload_test is changed
+          - sysctl_check_dirty_expire.stdout == "3000"
+
+    # Test system_wide=false behavior (default)
+    - name: Create custom sysctl file for testing system_wide=false
+      ansible.builtin.copy:
+        content: |
+          # Custom sysctl test file
+          vm.dirty_background_ratio=5
+        dest: "{{ output_dir_test }}/custom_sysctl.conf"
+        mode: "0644"
+
+    - name: Set vm.dirty_background_ratio with system_wide=false
+      ansible.posix.sysctl:
+        name: vm.dirty_background_ratio
+        value: 10
+        state: present
+        reload: true
+        system_wide: false
+        sysctl_file: "{{ output_dir_test }}/custom_sysctl.conf"
+      register: sysctl_system_false_test
+
+    - name: Check custom sysctl file content
+      ansible.builtin.command: cat {{ output_dir_test }}/custom_sysctl.conf
+      changed_when: false
+      register: custom_sysctl_content
+
+    - name: Validate system_wide=false behavior
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_false_test is changed
+          - "'vm.dirty_background_ratio=10' in custom_sysctl_content.stdout"
+
+    # Test system_wide with check mode
+    - name: Test system_wide in check mode
+      ansible.posix.sysctl:
+        name: vm.swappiness
+        value: 25
+        state: present
+        reload: true
+        system_wide: true
+      check_mode: true
+      register: sysctl_system_wide_check_mode
+
+    - name: Validate check mode works with system_wide
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_wide_check_mode is changed
+
+    # Test system_wide with missing directories (should not fail)
+    - name: Test system_wide with potentially missing directories
+      ansible.posix.sysctl:
+        name: vm.overcommit_memory
+        value: 1
+        state: present
+        reload: true
+        system_wide: true
+        ignoreerrors: true
+      register: sysctl_system_wide_missing_dirs
+
+    - name: Validate system_wide handles missing directories
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_wide_missing_dirs is not failed
+
+- name: Test system_wide with multiple configuration files (RHEL/CentOS only)
+  when:
+    - ansible_facts.os_family == 'RedHat'
+    - ansible_facts.virtualization_type != 'docker'
+  block:
+    # Test that system_wide processes multiple configuration files
+    - name: Create test sysctl.d file
+      ansible.builtin.copy:
+        content: |
+          # Test system-wide sysctl reload
+          vm.dirty_writeback_centisecs=500
+        dest: /etc/sysctl.d/99-ansible-test.conf
+        mode: "0644"
+        backup: true
+      register: test_sysctl_file
+
+    - name: Apply setting with system_wide to test multiple file processing
+      ansible.posix.sysctl:
+        name: vm.overcommit_memory
+        value: 1
+        state: present
+        reload: true
+        system_wide: true
+      register: sysctl_multifile_test
+
+    - name: Verify both settings are applied
+      ansible.builtin.shell: |
+        sysctl -n vm.dirty_writeback_centisecs
+        sysctl -n vm.overcommit_memory
+      changed_when: false
+      register: sysctl_multifile_check
+
+    - name: Validate multiple file processing
+      ansible.builtin.assert:
+        that:
+          - sysctl_multifile_test is changed
+          - "'500' in sysctl_multifile_check.stdout"
+          - "'1' in sysctl_multifile_check.stdout"
+
+    - name: Cleanup test sysctl.d file
+      ansible.builtin.file:
+        path: /etc/sysctl.d/99-ansible-test.conf
+        state: absent
+
+- name: Test system_wide parameter combinations
+  block:
+    # Test system_wide with sysctl_set
+    - name: Test system_wide with sysctl_set=true
+      ansible.posix.sysctl:
+        name: vm.swappiness
+        value: 15
+        state: present
+        reload: true
+        system_wide: true
+        sysctl_set: true
+      register: sysctl_system_wide_set_test
+
+    - name: Check vm.swappiness value after system_wide + sysctl_set
+      ansible.builtin.command: sysctl -n vm.swappiness
+      changed_when: false
+      register: sysctl_check_swappiness_set
+
+    - name: Validate system_wide with sysctl_set
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_wide_set_test is changed
+          - sysctl_check_swappiness_set.stdout == "15"
+
+    # Test system_wide with reload=false (should not trigger system reload)
+    - name: Test system_wide with reload=false
+      ansible.posix.sysctl:
+        name: vm.dirty_ratio
+        value: 25
+        state: present
+        reload: false
+        system_wide: true
+      register: sysctl_system_wide_no_reload
+
+    - name: Validate system_wide with reload=false
+      ansible.builtin.assert:
+        that:
+          - sysctl_system_wide_no_reload is changed