Fixed merge conflicts

Fix missing-final-newline error
Improve callback output to align header with roles, tasks and play RECAP
2026-01-13 08:05:19 +01:00 · 2024-09-06 13:27:18 -07:00 · 2022-09-21 08:38:09 -07:00 · 2022-09-20 14:38:08 -07:00
43 changed files with 93 additions and 489 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@ -57,21 +57,6 @@ stages:
              test: units
            - name: Lint
              test: lint
  - stage: Sanity_2_18
    displayName: Ansible 2.18 sanity
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          nameFormat: "{0}"
          testFormat: 2.18/{0}
          targets:
            - name: Sanity
              test: sanity
            - name: Units
              test: units
            - name: Lint
              test: lint
  - stage: Sanity_2_17
    displayName: Ansible 2.17 sanity
    dependsOn: []
@ -128,20 +113,6 @@ stages:
              test: ubuntu2204
            - name: Ubuntu 24.04
              test: ubuntu2404
  - stage: Docker_2_18
    displayName: Docker devel
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          testFormat: 2.18/linux/{0}/1
          targets:
            - name: Fedora 40
              test: fedora40
            - name: Ubuntu 22.04
              test: ubuntu2204
            - name: Ubuntu 24.04
              test: ubuntu2404
  - stage: Docker_2_17
    displayName: Docker 2.17
    dependsOn: []
@ -205,18 +176,6 @@ stages:
              test: rhel/9.4
            - name: FreeBSD 13.3
              test: freebsd/13.3
  - stage: Remote_2_18
    displayName: Remote devel
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          testFormat: 2.18/{0}/1
          targets:
            - name: RHEL 9.4
              test: rhel/9.4
            - name: FreeBSD 13.3
              test: freebsd/13.3
  - stage: Remote_2_17
    displayName: Remote 2.17
    dependsOn: []
@ -275,11 +234,8 @@ stages:
      - Sanity_2_17
      - Remote_2_17
      - Docker_2_17
      - Sanity_2_18
      - Remote_2_18
      - Docker_2_18
      - Sanity_devel
-      # - Remote_devel # Wait for test environment release
+      - Remote_devel
-      # - Docker_devel # Wait for test environment release
+      - Docker_devel
    jobs:
      - template: templates/coverage.yml
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -5,48 +5,6 @@ ansible.posix Release Notes
 .. contents:: Topics
 v1.6.0
 ======
 Release Summary
 ---------------
 This is the minor release of the ``ansible.posix`` collection.
 This changelog contains all changes to the modules and plugins
 in this collection that have been added after the release of
 ``ansible.posix`` 1.5.4.
 Major Changes
 -------------
 - Dropping support for Ansible 2.9, ansible-core 2.15 will be minimum required version for this release
 Minor Changes
 -------------
 - Add summary_only parameter to profile_roles and profile_tasks callbacks.
 - firewalld - add functionality to set forwarding (https://github.com/ansible-collections/ansible.posix/pull/548).
 - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
 - firewalld - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - firewalld_info - Only warn about ignored zones, when there are zones ignored.
 - firewalld_info - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - mount - add no_log option for opts parameter (https://github.com/ansible-collections/ansible.posix/pull/563).
 - seboolean - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - selinux - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 Removed Features (previously deprecated)
 ----------------------------------------
 - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
 Bugfixes
 --------
 - Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483).
 - seboolean - make it work with disabled SELinux
 - synchronize - maintain proper formatting of the remote paths (https://github.com/ansible-collections/ansible.posix/pull/361).
 - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
 v1.5.4
 ======
--- a/README.md
+++ b/README.md
@ -74,14 +74,11 @@ None
 <!-- List the versions of Ansible the collection has been tested with. Must match what is in galaxy.yml. -->
- ansible-core 2.19 (devel)
+- ansible-core 2.18 (devel)
 - ansible-core 2.18 (stable) *
 - ansible-core 2.17 (stable)
 - ansible-core 2.16 (stable)
 - ansible-core 2.15 (stable)
 *Note: For ansible-core 2.18, CI only covers sanity tests and no integration tests will be run until the test environment is released.*
 ## Roadmap
 <!-- Optional. Include the roadmap for this collection, and the proposed release/versioning strategy so users can anticipate the upgrade/update cycle. -->
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@ -347,61 +347,3 @@ releases:
    - 451_firewall_fix_protocol_parameter.yml
    - 456_sysctl_fix_nonetype.yml
    release_date: '2023-05-10'
  1.6.0:
    changes:
      bugfixes:
      - Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483).
      - seboolean - make it work with disabled SELinux
      - synchronize - maintain proper formatting of the remote paths (https://github.com/ansible-collections/ansible.posix/pull/361).
      - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
      major_changes:
      - Dropping support for Ansible 2.9, ansible-core 2.15 will be minimum required
        version for this release
      minor_changes:
      - Add summary_only parameter to profile_roles and profile_tasks callbacks.
      - firewalld - add functionality to set forwarding (https://github.com/ansible-collections/ansible.posix/pull/548).
      - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
      - firewalld - respawn module to use the system python interpreter when the ``firewall``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      - firewalld_info - Only warn about ignored zones, when there are zones ignored.
      - firewalld_info - respawn module to use the system python interpreter when
        the ``firewall`` python module is not available for ``ansible_python_interpreter``
        (https://github.com/ansible-collections/ansible.posix/pull/460).
      - mount - add no_log option for opts parameter (https://github.com/ansible-collections/ansible.posix/pull/563).
      - seboolean - respawn module to use the system python interpreter when the ``selinux``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      - selinux - respawn module to use the system python interpreter when the ``selinux``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      release_summary: 'This is the minor release of the ``ansible.posix`` collection.
        This changelog contains all changes to the modules and plugins
        in this collection that have been added after the release of
        ``ansible.posix`` 1.5.4.'
      removed_features:
      - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
    fragments:
    - 1.6.0.yml
    - 206_fix_sysctl_to_work_on_symlinks.yml
    - 333_doc_absent_precision.yml
    - 361_maintain_proper_formating_remote_paths.yml
    - 421-remove-deprecation-warning.yml
    - 460-respawn.yaml
    - 466-tests.yml
    - 477_ci_update.yml
    - 484-firewalld-offline.yml
    - 487_ci_update.yml
    - 490_doc_authorized_key_path.yml
    - 496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
    - 504-firewalld_info-warning.yaml
    - 508_ci_update.yml
    - 510_ci_update.yml
    - 511_profile-callbacks-add-summary-only-parameter.yml
    - 548_add_foward.yml
    - 556_remove_skippy_callback.yml
    - 562_update_core_version.yml
    - 563_add_no_log_option.yml
    - dropping-ansible29.yml
    - test-reqs.yml
    release_date: '2024-09-11'
--- a/changelogs/fragments/206_fix_sysctl_to_work_on_symlinks.yml
+++ b/changelogs/fragments/206_fix_sysctl_to_work_on_symlinks.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
 - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
--- a/changelogs/fragments/333_doc_absent_precision.yml
+++ b/changelogs/fragments/333_doc_absent_precision.yml
@ -0,0 +1,4 @@
 ---
 trivial:
 - mount - fix description in the documentation of the state ``absent`` to match its actual behavior
  and point out that ``src`` is ignored with state ``absent`` and ``unmounted`` (https://github.com/ansible-collections/ansible.posix/issues/322)
--- a/changelogs/fragments/387_callback_output_header.yml
+++ b/changelogs/fragments/387_callback_output_header.yml
@ -1,3 +0,0 @@
 ---
 minor_changes:
  - callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387).
--- a/changelogs/fragments/421-remove-deprecation-warning.yml
+++ b/changelogs/fragments/421-remove-deprecation-warning.yml
@ -0,0 +1,2 @@
 trivial:
  - synchronize - instantiate the connection plugin without the ``new_stdin`` argument, which is deprecated in ansible-core 2.15 (https://github.com/ansible-collections/ansible.posix/pull/421).
--- a/changelogs/fragments/460-respawn.yaml
+++ b/changelogs/fragments/460-respawn.yaml
@ -0,0 +1,10 @@
 ---
 minor_changes:
  - "seboolean - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "selinux - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "firewalld - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "firewalld_info - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
--- a/changelogs/fragments/466-tests.yml
+++ b/changelogs/fragments/466-tests.yml
@ -0,0 +1,2 @@
 trivial:
  - "Fix integration tests so they work with ansible-core devel / 2.16 (https://github.com/ansible-collections/ansible.posix/pull/466)."
--- a/changelogs/fragments/477_ci_update.yml
+++ b/changelogs/fragments/477_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Drop Python3.9 and update versions of RHEL,Fedora and FreeBSD for ansible-core:devel test(https://github.com/ansible-collections/ansible.posix/issues/476)."
--- a/changelogs/fragments/484-firewalld-offline.yml
+++ b/changelogs/fragments/484-firewalld-offline.yml
@ -0,0 +1,2 @@
 minor_changes:
  - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
--- a/changelogs/fragments/487_ci_update.yml
+++ b/changelogs/fragments/487_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Drop FreeBSD12.4 from CI for ansible-core:devel(https://github.com/ansible-collections/ansible.posix/issues/486)."
--- a/changelogs/fragments/490_doc_authorized_key_path.yml
+++ b/changelogs/fragments/490_doc_authorized_key_path.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - "Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483)."
--- a/changelogs/fragments/496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
+++ b/changelogs/fragments/496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - seboolean - make it work with disabled SELinux
--- a/changelogs/fragments/504-firewalld_info-warning.yaml
+++ b/changelogs/fragments/504-firewalld_info-warning.yaml
@ -0,0 +1,2 @@
 minor_changes:
  - firewalld_info - Only warn about ignored zones, when there are zones ignored.
--- a/changelogs/fragments/508_ci_update.yml
+++ b/changelogs/fragments/508_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Refactoring remote CI targets."
--- a/changelogs/fragments/510_ci_update.yml
+++ b/changelogs/fragments/510_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Replace Fedora 38 with 39 for container test(https://github.com/ansible-collections/ansible.posix/issues/509)."
--- a/changelogs/fragments/511_profile-callbacks-add-summary-only-parameter.yml
+++ b/changelogs/fragments/511_profile-callbacks-add-summary-only-parameter.yml
@ -0,0 +1,3 @@
 ---
 minor_changes:
  - "Add summary_only parameter to profile_roles and profile_tasks callbacks."
--- a/changelogs/fragments/556_remove_skippy_callback.yml
+++ b/changelogs/fragments/556_remove_skippy_callback.yml
@ -0,0 +1,2 @@
 removed_features:
  - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
--- a/changelogs/fragments/562_update_core_version.yml
+++ b/changelogs/fragments/562_update_core_version.yml
@ -0,0 +1,3 @@
 ---
 minor_changes:
  - "Dropping support for ansible-core 2.14, ansible-core 2.15 will be minimum required version for this release"
--- a/changelogs/fragments/566_bump_version_161.yml
+++ b/changelogs/fragments/566_bump_version_161.yml
@ -1,3 +0,0 @@
 ---
 trivial:
  - Bump version to 1.6.1 for next release.
--- a/changelogs/fragments/567_remove_version_added.yml
+++ b/changelogs/fragments/567_remove_version_added.yml
@ -1,3 +0,0 @@
 ---
 trivial:
  - mount - remove wrong version_added section from ``opts_no_log``.
--- a/changelogs/fragments/568_update_authorized_key.yml
+++ b/changelogs/fragments/568_update_authorized_key.yml
@ -1,3 +0,0 @@
 ---
 minor_changes:
  - authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568)
--- a/changelogs/fragments/570_nfs4_acl.yml
+++ b/changelogs/fragments/570_nfs4_acl.yml
@ -1,3 +0,0 @@
 ---
 bugfixes:
  - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
--- a/changelogs/fragments/571_ci_bump_core_version.yml
+++ b/changelogs/fragments/571_ci_bump_core_version.yml
@ -1,3 +0,0 @@
 ---
 trivial:
  - Bump ansible-core version to 2.19 of devel branch and add 2.18 to CI.
--- a/changelogs/fragments/dropping-ansible29.yml
+++ b/changelogs/fragments/dropping-ansible29.yml
@ -0,0 +1,2 @@
 major_changes:
  - "Dropping support for Ansible 2.9, ansible-core 2.14 will be minimum required version for this release"
--- a/changelogs/fragments/test-reqs.yml
+++ b/changelogs/fragments/test-reqs.yml
@ -0,0 +1,2 @@
 trivial:
  - "Move Galaxy test requirements from old transitional format in tests/requirements.yml to standard Ansible Galaxy requirements files in tests/integration/requirements.yml and tests/unit/requirements.yml."
--- a/galaxy.yml
+++ b/galaxy.yml
@ -1,7 +1,7 @@
 ---
 namespace: ansible
 name: posix
-version: 1.6.1
+version: 1.5.4
 readme: README.md
 authors:
  - Ansible (github.com/ansible)
@ -10,6 +10,6 @@ license_file: COPYING
 tags: [posix, networking, shell, unix]
 dependencies: {}
 repository: https://github.com/ansible-collections/ansible.posix
-documentation: https://docs.ansible.com/ansible/latest/collections/ansible/posix/
+documentation: https://github.com/ansible-collections/ansible.posix/tree/main/docs
 homepage: https://github.com/ansible-collections/ansible.posix
 issues: https://github.com/ansible-collections/ansible.posix
--- a/plugins/action/synchronize.py
+++ b/plugins/action/synchronize.py
@ -77,14 +77,7 @@ class ActionModule(ActionBase):
        if self._host_is_ipv6_address(host):
            return '[%s%s]:%s' % (user_prefix, host, path)
-
+        return '%s%s:%s' % (user_prefix, host, path)
        # preserve formatting of remote paths if host or user@host is explicitly defined in the path
        if ':' not in path:
            return '%s%s:%s' % (user_prefix, host, path)
        elif '@' not in path:
            return '%s%s' % (user_prefix, path)
        else:
            return path
    def _process_origin(self, host, path, user):
--- a/plugins/callback/profile_roles.py
+++ b/plugins/callback/profile_roles.py
@ -129,10 +129,7 @@ class CallbackModule(CallbackBase):
    def playbook_on_stats(self, stats):
        # Align summary report header with other callback plugin summary
-        self._display.banner("ROLES RECAP")
+        self._display.banner("ROLE RECAP")
        self._display.display(tasktime())
        self._display.display(filled("", fchar="="))
        timestamp(self)
        total_time = sum(self.totals.values())
--- a/plugins/callback/profile_tasks.py
+++ b/plugins/callback/profile_tasks.py
@ -196,9 +196,6 @@ class CallbackModule(CallbackBase):
        # Align summary report header with other callback plugin summary
        self._display.banner("TASKS RECAP")
        self._display.display(tasktime())
        self._display.display(filled("", fchar="="))
        timestamp(self)
        self.current = None
--- a/plugins/modules/acl.py
+++ b/plugins/modules/acl.py
@ -75,10 +75,6 @@ options:
  use_nfsv4_acls:
    description:
    - Use NFSv4 ACLs instead of POSIX ACLs.
    - This feature uses C(nfs4_setfacl) and C(nfs4_getfacl). The behavior depends on those implementation.
      And currently it only supports C(A) in ACE, so C(D) must be replaced with the appropriate C(A).
    - Permission is set as optimised ACLs by the system. You can check the actual ACLs that has been set using the return value.
    - More info C(man nfs4_setfacl)
    type: bool
    default: false
  recalculate_mask:
@ -183,7 +179,7 @@ def split_entry(entry):
 def build_entry(etype, entity, permissions=None, use_nfsv4_acls=False):
    '''Builds and returns an entry string. Does not include the permissions bit if they are not provided.'''
    if use_nfsv4_acls:
-        return ':'.join(['A', 'g' if etype == 'group' else '', entity, permissions + 'tcy'])
+        return ':'.join([etype, entity, permissions, 'allow'])
    if permissions:
        return etype + ':' + entity + ':' + permissions
@ -191,27 +187,22 @@ def build_entry(etype, entity, permissions=None, use_nfsv4_acls=False):
    return etype + ':' + entity
-def build_command(module, mode, path, follow, default, recursive, recalculate_mask, use_nfsv4_acls, entry=''):
+def build_command(module, mode, path, follow, default, recursive, recalculate_mask, entry=''):
    '''Builds and returns a getfacl/setfacl command.'''
    if mode == 'set':
-        cmd = [module.get_bin_path('nfs4_setfacl' if use_nfsv4_acls else 'setfacl', True)]
+        cmd = [module.get_bin_path('setfacl', True)]
-        cmd.extend(['-a' if use_nfsv4_acls else '-m', entry])
+        cmd.extend(['-m', entry])
    elif mode == 'rm':
-        cmd = [module.get_bin_path('nfs4_setfacl' if use_nfsv4_acls else 'setfacl', True)]
+        cmd = [module.get_bin_path('setfacl', True)]
        cmd.extend(['-x', entry])
    else:  # mode == 'get'
        cmd = [module.get_bin_path('getfacl', True)]
        # prevents absolute path warnings and removes headers
        if platform.system().lower() == 'linux':
            if use_nfsv4_acls:
                # use nfs4_getfacl instead of getfacl if use_nfsv4_acls is True
                cmd = [module.get_bin_path('nfs4_getfacl', True)]
            else:
                cmd = [module.get_bin_path('getfacl', True)]
                cmd.append('--absolute-names')
            cmd.append('--omit-header')
            cmd.append('--absolute-names')
-    if recursive and not use_nfsv4_acls:
+    if recursive:
        cmd.append('--recursive')
    if recalculate_mask == 'mask' and mode in ['set', 'rm']:
@ -219,7 +210,7 @@ def build_command(module, mode, path, follow, default, recursive, recalculate_ma
    elif recalculate_mask == 'no_mask' and mode in ['set', 'rm']:
        cmd.append('--no-mask')
-    if not follow and not use_nfsv4_acls:
+    if not follow:
        if platform.system().lower() == 'linux':
            cmd.append('--physical')
        elif platform.system().lower() == 'freebsd':
@ -232,34 +223,24 @@ def build_command(module, mode, path, follow, default, recursive, recalculate_ma
    return cmd
-def acl_changed(module, cmd, entry, use_nfsv4_acls=False):
+def acl_changed(module, cmd):
    '''Returns true if the provided command affects the existing ACLs, false otherwise.'''
-    # To check the ACL changes, use the output of setfacl or nfs4_setfacl with '--test'.
+    # FreeBSD do not have a --test flag, so by default, it is safer to always say "true"
    # FreeBSD do not have a --test flag, so by default, it is safer to always say "true".
    if platform.system().lower() == 'freebsd':
        return True
    cmd = cmd[:]  # lists are mutables so cmd would be overwritten without this
    cmd.insert(1, '--test')
    lines = run_acl(module, cmd)
    counter = 0
    for line in lines:
        if line.endswith('*,*') and not use_nfsv4_acls:
            return False
        # if use_nfsv4_acls and entry is listed
        if use_nfsv4_acls and entry == line:
            counter += 1
-    # The current 'nfs4_setfacl --test' lists a new entry,
+    for line in lines:
-    #  which will be added at the top of list, followed by the existing entries.
+        if not line.endswith('*,*'):
-    # So if the entry has already been registered, the entry should be find twice.
+            return True
-    if counter == 2:
+    return False
        return False
    return True
 def run_acl(module, cmd, check_rc=True):
-    '''Runs the provided command and returns the output as a list of lines.'''
+
    try:
        (rc, out, err) = module.run_command(cmd, check_rc=check_rc)
    except Exception as e:
@ -332,7 +313,7 @@ def main():
            module.fail_json(msg="'recalculate_mask' MUST NOT be set to 'mask' or 'no_mask' when 'state=query'.")
    if not entry:
-        if state == 'absent' and permissions and not use_nfsv4_acls:
+        if state == 'absent' and permissions:
            module.fail_json(msg="'permissions' MUST NOT be set when 'state=absent'.")
        if state == 'absent' and not entity:
@ -369,24 +350,21 @@ def main():
        entry = build_entry(etype, entity, permissions, use_nfsv4_acls)
        command = build_command(
            module, 'set', path, follow,
-            default, recursive, recalculate_mask, use_nfsv4_acls, entry
+            default, recursive, recalculate_mask, entry
        )
-        changed = acl_changed(module, command, entry, use_nfsv4_acls)
+        changed = acl_changed(module, command)
        if changed and not module.check_mode:
            run_acl(module, command)
        msg = "%s is present" % entry
    elif state == 'absent':
-        if use_nfsv4_acls:
+        entry = build_entry(etype, entity, use_nfsv4_acls)
            entry = build_entry(etype, entity, permissions, use_nfsv4_acls)
        else:
            entry = build_entry(etype, entity, use_nfsv4_acls)
        command = build_command(
            module, 'rm', path, follow,
-            default, recursive, recalculate_mask, use_nfsv4_acls, entry
+            default, recursive, recalculate_mask, entry
        )
-        changed = acl_changed(module, command, entry, use_nfsv4_acls)
+        changed = acl_changed(module, command)
        if changed and not module.check_mode:
            run_acl(module, command, False)
@ -397,10 +375,7 @@ def main():
    acl = run_acl(
        module,
-        build_command(
+        build_command(module, 'get', path, follow, default, recursive, recalculate_mask)
            module, 'get', path, follow, default, recursive,
            recalculate_mask, use_nfsv4_acls
        )
    )
    module.exit_json(changed=changed, msg=msg, acl=acl)
--- a/plugins/modules/authorized_key.py
+++ b/plugins/modules/authorized_key.py
@ -24,7 +24,6 @@ options:
  key:
    description:
      - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
      - You can also use V(file://) prefix to search remote for a file with SSH key(s).
    type: str
    required: true
  path:
@ -97,12 +96,6 @@ EXAMPLES = r'''
    state: present
    key: https://github.com/charlie.keys
 - name: Set authorized keys taken from path on controller node
  ansible.posix.authorized_key:
    user: charlie
    state: present
    key: file:///home/charlie/.ssh/id_rsa.pub
 - name: Set authorized keys taken from url using lookup
  ansible.posix.authorized_key:
    user: charlie
@ -230,7 +223,6 @@ from operator import itemgetter
 from ansible.module_utils._text import to_native
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.urls import fetch_url
 from ansible.module_utils.six.moves.urllib.parse import urlparse
 class keydict(dict):
@ -564,7 +556,7 @@ def enforce_state(module, params):
    follow = params.get('follow', False)
    error_msg = "Error getting key from: %s"
-    # if the key is a url or file, request it and use it as key source
+    # if the key is a url, request it and use it as key source
    if key.startswith("http"):
        try:
            resp, info = fetch_url(module, key)
@ -578,19 +570,6 @@ def enforce_state(module, params):
        # resp.read gives bytes on python3, convert to native string type
        key = to_native(key, errors='surrogate_or_strict')
    if key.startswith("file"):
        # if the key is an absolute path, check for existense and use it as a key source
        key_path = urlparse(key).path
        if not os.path.exists(key_path):
            module.fail_json(msg="Path to a key file not found: %s" % key_path)
        if not os.path.isfile(key_path):
            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key_path)
        try:
            with open(key_path, 'r') as source_fh:
                key = source_fh.read()
        except OSError as e:
            module.fail_json(msg="Failed to read key file %s : %s" % (key_path, to_native(e)))
    # extract individual keys into an array, skipping blank lines and comments
    new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
--- a/plugins/modules/firewalld.py
+++ b/plugins/modules/firewalld.py
@ -108,11 +108,6 @@ options:
      - The amount of time in seconds the rule should be in effect for when non-permanent.
    type: int
    default: 0
  forward:
    description:
      - The forward setting you would like to enable/disable to/from zones within firewalld.
      - This option only is supported by firewalld v0.9.0 or later.
    type: str
  masquerade:
    description:
      - The masquerade setting you would like to enable/disable to/from zones within firewalld.
@ -143,8 +138,8 @@ notes:
  - This module needs C(python-firewall) or C(python3-firewall) on managed nodes.
    It is usually provided as a subset with C(firewalld) from the OS distributor for the OS default Python interpreter.
 requirements:
- firewalld >= 0.9.0
+- firewalld >= 0.2.11
- python-firewall >= 0.9.0
+- python-firewall >= 0.2.11
 author:
 - Adam Miller (@maxamillion)
 '''
@ -203,12 +198,6 @@ EXAMPLES = r'''
    permanent: true
    state: enabled
 - ansible.posix.firewalld:
    forward: true
    state: enabled
    permanent: true
    zone: internal
 - ansible.posix.firewalld:
    masquerade: true
    state: enabled
@ -416,49 +405,6 @@ class ProtocolTransaction(FirewallTransaction):
        self.update_fw_settings(fw_zone, fw_settings)
 class ForwardTransaction(FirewallTransaction):
    """
    ForwardTransaction
    """
    def __init__(self, module, action_args=None, zone=None, desired_state=None, permanent=False, immediate=False):
        super(ForwardTransaction, self).__init__(
            module, action_args=action_args, desired_state=desired_state, zone=zone, permanent=permanent, immediate=immediate
        )
        self.enabled_msg = "Added forward to zone %s" % self.zone
        self.disabled_msg = "Removed forward from zone %s" % self.zone
    def get_enabled_immediate(self):
        if self.fw.queryForward(self.zone) is True:
            return True
        else:
            return False
    def get_enabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        if fw_settings.queryForward() is True:
            return True
        else:
            return False
    def set_enabled_immediate(self):
        self.fw.addForward(self.zone)
    def set_enabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        fw_settings.setForward(True)
        self.update_fw_settings(fw_zone, fw_settings)
    def set_disabled_immediate(self):
        self.fw.removeForward(self.zone)
    def set_disabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        fw_settings.setForward(False)
        self.update_fw_settings(fw_zone, fw_settings)
 class MasqueradeTransaction(FirewallTransaction):
    """
    MasqueradeTransaction
@ -875,7 +821,6 @@ def main():
            state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
            timeout=dict(type='int', default=0),
            interface=dict(type='str'),
            forward=dict(type='str'),
            masquerade=dict(type='str'),
            offline=dict(type='bool', default=False),
            target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
@ -888,7 +833,7 @@ def main():
        ),
        mutually_exclusive=[
            ['icmp_block', 'icmp_block_inversion', 'service', 'protocol', 'port', 'port_forward', 'rich_rule',
-             'interface', 'forward', 'masquerade', 'source', 'target']
+             'interface', 'masquerade', 'source', 'target']
        ],
    )
@ -897,7 +842,6 @@ def main():
    immediate = module.params['immediate']
    timeout = module.params['timeout']
    interface = module.params['interface']
    forward = module.params['forward']
    masquerade = module.params['masquerade']
    offline = module.params['offline']
@ -961,7 +905,7 @@ def main():
    modification = False
    if any([icmp_block, icmp_block_inversion, service, protocol, port, port_forward, rich_rule,
-            interface, forward, masquerade, source, target]):
+            interface, masquerade, source, target]):
        modification = True
    if modification and desired_state in ['absent', 'present'] and target is None:
        module.fail_json(
@ -1128,29 +1072,6 @@ def main():
        changed, transaction_msgs = transaction.run()
        msgs = msgs + transaction_msgs
    if forward is not None:
        # Type of forward will be changed to boolean in a future release.
        forward_status = False
        try:
            forward_status = boolean(forward, False)
        except TypeError:
            module.warn('The value of the forward option is "%s". '
                        'The type of the option will be changed from string to boolean in a future release. '
                        'To avoid unexpected behavior, please change the value to boolean.' % forward)
        expected_state = 'enabled' if (desired_state == 'enabled') == forward_status else 'disabled'
        transaction = ForwardTransaction(
            module,
            action_args=(),
            zone=zone,
            desired_state=expected_state,
            permanent=permanent,
            immediate=immediate,
        )
        changed, transaction_msgs = transaction.run()
        msgs = msgs + transaction_msgs
    if masquerade is not None:
        # Type of masquerade will be changed to boolean in a future release.
        masquerade_status = True
--- a/plugins/modules/mount.py
+++ b/plugins/modules/mount.py
@ -43,11 +43,6 @@ options:
    description:
      - Mount options (see fstab(5), or vfstab(4) on Solaris).
    type: str
  opts_no_log:
    description:
      - Do not log opts.
    type: bool
    default: false
  dump:
    description:
      - Dump (see fstab(5)).
@ -214,7 +209,6 @@ EXAMPLES = r'''
    src: //192.168.1.200/share
    path: /mnt/smb_share
    opts: "rw,vers=3,file_mode=0600,dir_mode=0700,dom={{ ad_domain }},username={{ ad_username }},password={{ ad_password }}"
    opts_no_log: true
    fstype: cifs
    state: ephemeral
 '''
@ -774,7 +768,6 @@ def main():
            fstype=dict(type='str'),
            path=dict(type='path', required=True, aliases=['name']),
            opts=dict(type='str'),
            opts_no_log=dict(type='bool', default=False),
            passno=dict(type='str', no_log=False, default='0'),
            src=dict(type='path'),
            backup=dict(type='bool', default=False),
@ -788,9 +781,6 @@ def main():
        ),
    )
    if module.params['opts_no_log']:
        module.no_log_values.add(module.params['opts'])
    # solaris args:
    #   name, src, fstype, opts, boot, passno, state, fstab=/etc/vfstab
    # linux args:
--- a/tests/integration/targets/authorized_key/defaults/main.yml
+++ b/tests/integration/targets/authorized_key/defaults/main.yml
@ -35,5 +35,3 @@ multiple_keys_comments: |
  ssh-rsa DATA_BASIC 1@testing
  # I like adding comments yo-dude-this-is-not-a-key INVALID_DATA 2@testing
  ecdsa-sha2-nistp521 ECDSA_DATA 4@testing
 key_path: /tmp/id_rsa.pub
--- a/tests/integration/targets/authorized_key/tasks/check_path.yml
+++ b/tests/integration/targets/authorized_key/tasks/check_path.yml
@ -1,32 +0,0 @@
 ---
 - name: Create key file for test
  ansible.builtin.copy:
    dest: "{{ key_path }}"
    content: "{{ rsa_key_basic }}"
    mode: "0600"
 - name: Add key using path
  ansible.posix.authorized_key:
    user: root
    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
 - name: Assert that the key was added
  ansible.builtin.assert:
    that:
      - result.changed == true
 - name: Add key using path again
  ansible.posix.authorized_key:
    user: root
    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
 - name: Assert that no changes were applied
  ansible.builtin.assert:
    that:
      - result.changed == false
--- a/tests/integration/targets/authorized_key/tasks/main.yml
+++ b/tests/integration/targets/authorized_key/tasks/main.yml
@ -31,6 +31,3 @@
 - name: Test for the management of comments with key
  ansible.builtin.import_tasks: comments.yml
 - name: Test for specifying key as a path
  ansible.builtin.import_tasks: check_path.yml
--- a/tests/integration/targets/firewalld/tasks/source_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/source_test_cases.yml
@ -83,6 +83,5 @@
  ansible.builtin.assert:
    that:
      - result is not changed
-      - >
+      - "result.msg ==
-        result.msg == 'parameters are mutually exclusive:
+        'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target'"
        icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|forward|masquerade|source|target'
--- a/tests/integration/targets/firewalld/tasks/zone_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/zone_test_cases.yml
@ -23,55 +23,6 @@
    that:
      - result is not changed
 - name: Zone forwarding test
  when: (ansible_distribution == 'RedHat' and ansible_distribution_major_version is version('8', '>='))
  block:
    - name: Enable zone forwarding
      ansible.posix.firewalld:
        zone: custom
        forward: true
        permanent: true
        state: enabled
      register: result
    - name: Assert zone forwarding is enabled
      ansible.builtin.debug:
        var: result is changed
    - name: Enable zone forwarding (verify not changed)
      ansible.posix.firewalld:
        zone: custom
        forward: true
        permanent: true
        state: enabled
      register: result
    - name: Assert zone forwarding is enabled (verify not changed)
      ansible.builtin.debug:
        var: result is not changed
    - name: Disable zone forwarding
      ansible.posix.firewalld:
        zone: custom
        forward: false
        permanent: true
        state: enabled
    - name: Assert zone forwarding is disabled
      ansible.builtin.debug:
        var: result is changed
    - name: Disable zone forwarding (verify not changed)
      ansible.posix.firewalld:
        zone: custom
        forward: false
        permanent: true
        state: enabled
    - name: Assert zone forwarding is disabled (verify not changed)
      ansible.builtin.debug:
        var: result is not changed
 - name: Firewalld remove zone custom
  ansible.posix.firewalld:
    zone: custom
--- a/tests/integration/targets/mount/tasks/main.yml
+++ b/tests/integration/targets/mount/tasks/main.yml
@ -739,53 +739,3 @@
        - /tmp/myfs_A.img
        - /tmp/myfs_B.img
        - /tmp/myfs
 - name: Block to test opts_no_log option
  when: ansible_system == 'Linux'
  block:
    - name: Create an empty file
      community.general.filesize:
        path: /tmp/myfs.img
        size: 1M
    - name: Format FS
      community.general.filesystem:
        fstype: ext4
        dev: /tmp/myfs.img
    - name: Mount the FS with opts_no_log option true
      ansible.posix.mount:
        path: /tmp/myfs
        src: /tmp/myfs.img
        fstype: ext4
        state: mounted
        opts: rw
        opts_no_log: true
      register: mount_info
    - name: Assert opts_no_log option true
      ansible.builtin.assert:
        that:
          - mount_info.opts == 'VALUE_SPECIFIED_IN_NO_LOG_PARAMETER'
    - name: Remount the FS with opts_no_log option false
      ansible.posix.mount:
        path: /tmp/myfs
        src: /tmp/myfs.img
        fstype: ext4
        state: remounted
        opts: rw,user
        opts_no_log: false
      register: mount_info
    - name: Assert opts_no_log option false
      ansible.builtin.assert:
        that:
          - mount_info.opts == 'rw,user'
  always:
    - name: Unmount FS
      ansible.posix.mount:
        path: /tmp/myfs
        state: absent
    - name: Remove the test FS
      ansible.builtin.file:
        path: '{{ item }}'
        state: absent
      loop:
        - /tmp/myfs.img
        - /tmp/myfs
--- a/tests/sanity/ignore-2.19.txt
+++ b/tests/sanity/ignore-2.19.txt
@ -1 +0,0 @@
 tests/utils/shippable/timing.py shebang
Author	SHA1	Message	Date
John Wadleigh	e0076ebc37	Fixed merge conflicts	2024-09-06 13:27:18 -07:00
John	3abd029b9f	Fix missing-final-newline error	2022-09-21 08:38:09 -07:00
John	3d2681aea6	Improve callback output to align header with roles, tasks and play RECAP	2022-09-20 14:38:08 -07:00
		`@ -0,0 +1,2 @@`
							`trivial:`
							- synchronize - instantiate the connection plugin without the ``new_stdin`` argument, which is deprecated in ansible-core 2.15 (https://github.com/ansible-collections/ansible.posix/pull/421).
		`@ -0,0 +1,2 @@`
							`trivial:`
							`- "Fix integration tests so they work with ansible-core devel / 2.16 (https://github.com/ansible-collections/ansible.posix/pull/466)."`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							`- firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							`- firewalld_info - Only warn about ignored zones, when there are zones ignored.`
		`@ -0,0 +1,2 @@`
							`removed_features:`
							`- skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).`
		`@ -0,0 +1,2 @@`
							`major_changes:`
							`- "Dropping support for Ansible 2.9, ansible-core 2.14 will be minimum required version for this release"`
		`@ -0,0 +1,2 @@`
							`trivial:`
							`- "Move Galaxy test requirements from old transitional format in tests/requirements.yml to standard Ansible Galaxy requirements files in tests/integration/requirements.yml and tests/unit/requirements.yml."`