In modern systems (RHEL8+) with python3 default the library requirement is `python3-libsemanage`.
Updated `libsemanage-python` to `python3-libsemanage`.
[CI] Fix exit code in CI entrypoint to address shellckeck issue
SUMMARY
Fix wrong exit code -1 in CI entrypoint to address shellcheck failure:
Fixes#301
ISSUE TYPE
CI tests Pull Request
COMPONENT NAME
tests/utils/shippable/shippable.sh
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
Refine the handling of exclusive options
SUMMARY
Refine the handling of exclusive options using mutually_exclusive:
Fixes#255
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ansible.posix.firewalld
ADDITIONAL INFORMATION
None
Reviewed-by: Adam Miller <maxamillion@fedoraproject.org>
Reviewed-by: None <None>
[CI] Replace RHEL8.4 with RHEL8.5 for devel tests
SUMMARY
Replace RHEL8.4 with RHEL8.5 for devel tests
ansible-collections/overview#45 (comment)
ISSUE TYPE
CI tests Pull Request
COMPONENT NAME
azure-pipelines/azure-pipelines.yml
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
Remove deprecated option from nfs mount example
SUMMARY
This removes the intr option from the documentation example for nfs mounts.
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
mount.py
ADDITIONAL INFORMATION
According to the nfs manpage the intr/ nointr option has been deprecated with Kernel 2.6.25 which was released in April 2008 wiki
Even RHEL 6.10 which is already on Extended life cycle support is using a newer 2.6 Kernel. https://access.redhat.com/articles/3078
This does not change any module functionality. It simply removes the option from the nfs mount example.
Reviewed-by: None <None>
[docs] Fixed the tested version list in Tested with Ansible section
SUMMARY
Fixed the tested version list in Tested with Ansible section.
Fixes#290
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
aisnbie.posix/README.md
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
[CI] Add CI tests for Ansible Core 2.12 release
SUMMARY
Add CI tests for Ansible Core 2.12
Fixes#290
ISSUE TYPE
CI tests Pull Request
COMPONENT NAME
ansible.posix/.azure-pipelines/azure-pipelines.yml
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
[docs] Add python-firewall to requirements of firewalld
SUMMARY
The firewalld module uses python-firewall to manage firewalld. However, it is often misunderstood by users as it is not listed in the requirements.
Fixes#286
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
ansible.posix.firewalld
ADDITIONAL INFORMATION
None
Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: None <None>
[CI] Replace Fedora 33 with Fedora 35 for devel tests
SUMMARY
Replace Fedora 33 with Fedora 35 for devel tests
Relates to ansible-collections/overview#45 (comment)
ISSUE TYPE
CI tests Pull Request
COMPONENT NAME
azure-pipelines/azure-pipelines.yml
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
Whitespace in fully path to playbook causes rsync to fail
Any whitespace in path to playbook directory causes rsync to incorrectly chdir fail to correctly run.
SUMMARY
Any whitespace in path to playbook directory causes rsync to incorrectly chdir fail to correctly run.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ansible.posix.synchronize
ADDITIONAL INFORMATION
Example :
cd "/home/a/ansible plays"
task:
- synchronize:
src: a
dest: b
Results in the following error being thrown
fatal: [remote-host]: FAILED! => {"changed": false, "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh='/usr/bin/ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' --rsync-path='sudo -u root rsync' --out-format='<<CHANGED>>%i %n%L' /home/a/ansible plays/deployments// remote-user@remote-host:/b/", "msg": "rsync: [sender] link_stat \"/home/a/ansible\" failed: No such file or directory (2)\nrsync: [sender] change_dir \"/home/a/ansible plays/plays/a/\" failed: No such file or directory (2)\nrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1330) [sender=3.2.3]\n", "rc": 23}
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Example :
cd "/home/a/ansible plays"
task:
- synchronize:
src: a
dest: b
Results in the following error being thrown
fatal: [remote-host]: FAILED! => {"changed": false, "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh='/usr/bin/ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' --rsync-path='sudo -u root rsync' --out-format='<<CHANGED>>%i %n%L' /home/a/ansible plays/deployments// remote-user@remote-host:/data/", "msg": "rsync: [sender] link_stat \"/home/a/ansible\" failed: No such file or directory (2)\nrsync: [sender] change_dir \"/home/a/ansible plays/plays/a/\" failed: No such file or directory (2)\nrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1330) [sender=3.2.3]\n", "rc": 23}
CI: remove centos8 from test matrix
SUMMARY
Remove centos8 from CI matrix.
References: ansible-collections/overview#45 (comment)
ISSUE TYPE
CI tests Pull Request
COMPONENT NAME
.azure-pipelines/azure-pipelines.yml
ADDITIONAL INFORMATION
None
Reviewed-by: None <None>
Fix integration test error on ansible devel branch
SUMMARY
Fix integration test error on ansible devel branch:
Remove centos6 platforms for integration tests on the ansible devel branch from the azure-pipelines.
Add delegate_to to each task of integration test for synchronized module on devel branch
Modify invalid parameter test to use key instead of name for sysctl module
Replace lookup plugin to slurp module in integration tests for selinux module
Add creating working directory task in integration tests for acl module
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ansible.posix
ADDITIONAL INFORMATION
For the integration test for sysctl module, we probably need to handle invalid values specified as kernel param. In this case, even if I set an invalid value as a kernel param, sysctl command shows a warning message. However, the result of the command is 0.
Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
- Remove centos6 platforms for integration tests on
the ansible devel branch from the azure-pipelines.
- Add delegate_to to each task of integration test for
synchronized module on devel branch
- Modify invalid parameter test to use key instead of name
for sysctl module
- Replace lookup plugin to slurp module in integration tests
for selinux module
- Add creating working directory task in integration tests
for acl module
Signed-off-by: Hideki Saito <saito@fgrep.org>
mount - add a newline at the end of line in fstab
SUMMARY
Modify mount module to add a newline at the end of line in /etc/fstab.
Fixes#210
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ansible.posix.mount
ADDITIONAL INFORMATION
None
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: quidame <None>
Reviewed-by: None <None>
selinux: update kernel boot params when disabling/re-enabling SELinux
SUMMARY
The ability to disable SELinux from userspace based on the configuration
file is being deprecated in favor of the selinux=0 kernel boot
parameter. (Note that this affects only the "full" disable; switching
to/from permissive mode will work the same as before.)
Therefore, enhance the selinux module to try to set/unset the kernel
command-line parameter using grubby when enabling/disabling SELinux.
If the grubby package is not present on the system, the module will only
update the config file and report a warning. Note that even with the
runtime disable functionality removed, setting SELINUX=disabled in the
config file will lead to a system with no SELinux policy loaded, which
will behave in a very similar way as if SELinux was fully disabled, only
there could still be some minor performance impact, since the kernel
hooks will still be active.
More information:
https://lore.kernel.org/selinux/157836784986.560897.13893922675143903084.stgit@chester/https://fedoraproject.org/wiki/Changes/Remove_Support_For_SELinux_Runtime_Disable
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
selinux module
Reviewed-by: Adam Miller <maxamillion@fedoraproject.org>
Reviewed-by: Ondrej Mosnáček <omosnacek@gmail.com>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: quidame <None>
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: None <None>
The ability to disable SELinux from userspace based on the configuration
file is being deprecated in favor of the selinux=0 kernel boot
parameter. (Note that this affects only the "full" disable; switching
to/from permissive mode will work the same as before.)
Therefore, add an 'update_kernel_param' module parameter that will cause
it to set/unset the kernel command-line parameter using grubby when
enabling/disabling SELinux. (An explicit parameter was chosen for
backwards compatibility.)
More information:
https://lore.kernel.org/selinux/157836784986.560897.13893922675143903084.stgit@chester/https://fedoraproject.org/wiki/Changes/Remove_Support_For_SELinux_Runtime_Disable
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Add bindep.txt file for execution environments
This adds rsync to the bindep.txt file, which will ensure rsync is
installed as a dependency for execution environments.
Signed-off-by: Paul Belanger pabelanger@redhat.com
Reviewed-by: None <None>
This adds rsync to the bindep.txt file, which will ensure rsync is
installed as a dependency for execution environments.
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
authorized_key: add lookup.url example
SUMMARY
Add lookup.url example since using split_lines=False is not straight-forward.
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
ansible.posix.authorized_key
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: Simon Legner <Simon.Legner@gmail.com>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Display warning message for masquerade and icmp-block-inversion
SUMMARY
Display warning message if the wrong parameter set to masquerade or icmp-block-inversion
Fixes#249
It is a part of #249. Currently, the variable type of the above two parameters is str, but will be changed to bool in the future. As a starting point, this fix displays a warning message if a non-boolean value is specified.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ansible.posix.firewalld
ADDITIONAL INFORMATION
None
Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Modify version number to prepare next release 1.4.0
SUMMARY
Modify the version number to prepare next release.
1.3.0 => 1.4.0
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
ansible.posix
ADDITIONAL INFORMATION
None
Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: None <None>
