Merge d2bdca837b into 0847977d12

* warn only when zones were ignored

* add changelog 504-firewalld_info-warning

.azure-pipelines/azure-pipelines.yml

@@ -211,8 +211,6 @@ stages:
               test: rhel/9.1
             - name: FreeBSD 13.2
               test: freebsd/13.2
-            - name: FreeBSD 12.4
-              test: freebsd/12.4
   - stage: Remote_2_14
     displayName: Remote 2.14
     dependsOn: []
@@ -227,8 +225,6 @@ stages:
               test: rhel/8.6
             - name: FreeBSD 13.2
               test: freebsd/13.2
-            - name: FreeBSD 12.4
-              test: freebsd/12.4
 
   ## Finally
 

changelogs/fragments/496_seboolean-make-it-wrk-with-SELinux-disabled.yaml

@@ -0,0 +1,3 @@
+---
+bugfixes:
+  - seboolean - make it work with disabled SELinux

changelogs/fragments/504-firewalld_info-warning.yaml

@@ -0,0 +1,2 @@
+minor_changes:
+  - firewalld_info - Only warn about ignored zones, when there are zones ignored.

plugins/modules/firewalld_info.py

@@ -356,6 +356,7 @@ def main():
             specified_zones = module.params['zones']
             collect_zones = list(set(specified_zones) & set(all_zones))
             ignore_zones = list(set(specified_zones) - set(collect_zones))
+            if ignore_zones:
                 warn.append(
                     'Please note: zone:(%s) have been ignored in the gathering process.' % ','.join(ignore_zones))
         else:

plugins/modules/mount.py

@@ -831,7 +831,7 @@ def main():
         # handle mount on boot.  To avoid mount option conflicts, if 'noauto'
         # specified in 'opts',  mount module will ignore 'boot'.
         opts = args['opts'].split(',')
-        if 'noauto' in opts:
+        if module.params['boot'] and 'noauto' in opts:
             args['warnings'].append("Ignore the 'boot' due to 'opts' contains 'noauto'.")
         elif not module.params['boot']:
             args['boot'] = 'no'

plugins/modules/seboolean.py

@@ -73,8 +73,7 @@ except ImportError:
     HAVE_SEMANAGE = False
 
 from ansible.module_utils.basic import AnsibleModule, missing_required_lib
-from ansible.module_utils.six import binary_type
-from ansible.module_utils._text import to_bytes, to_text
+from ansible.module_utils._text import to_text
 from ansible_collections.ansible.posix.plugins.module_utils._respawn import respawn_module, HAS_RESPAWN_UTIL
 
 
@@ -82,23 +81,6 @@ def get_runtime_status(ignore_selinux_state=False):
     return True if ignore_selinux_state is True else selinux.is_selinux_enabled()
 
 
-def has_boolean_value(module, name):
-    bools = []
-    try:
-        rc, bools = selinux.security_get_boolean_names()
-    except OSError:
-        module.fail_json(msg="Failed to get list of boolean names")
-    # work around for selinux who changed its API, see
-    # https://github.com/ansible/ansible/issues/25651
-    if len(bools) > 0:
-        if isinstance(bools[0], binary_type):
-            name = to_bytes(name)
-    if name in bools:
-        return True
-    else:
-        return False
-
-
 def get_boolean_value(module, name):
     state = 0
     try:
@@ -174,7 +156,10 @@ def semanage_set_boolean_value(module, handle, name, value):
         semanage.semanage_handle_destroy(handle)
         module.fail_json(msg="Failed to modify boolean key with semanage")
 
-    if semanage.semanage_bool_set_active(handle, boolkey, sebool) < 0:
+    if (
+            selinux.is_selinux_enabled()
+            and semanage.semanage_bool_set_active(handle, boolkey, sebool) < 0
+    ):
         semanage.semanage_handle_destroy(handle)
         module.fail_json(msg="Failed to set boolean key active with semanage")
 
@@ -315,12 +300,9 @@ def main():
         # Feature only available in selinux library since 2012.
         name = selinux.selinux_boolean_sub(name)
 
-    if not has_boolean_value(module, name):
-        module.fail_json(msg="SELinux boolean %s does not exist." % name)
-
     if persistent:
         changed = semanage_boolean_value(module, name, state)
-    else:
+    elif selinux.is_selinux_enabled():
         cur_value = get_boolean_value(module, name)
         if cur_value != state:
             changed = True

tests/utils/shippable/shippable.sh

@@ -62,16 +62,7 @@ else
     retry pip install "https://github.com/ansible/ansible/archive/stable-${ansible_version}.tar.gz" --disable-pip-version-check
 fi
 
-if [ "${SHIPPABLE_BUILD_ID:-}" ]; then
-    export ANSIBLE_COLLECTIONS_PATHS="${HOME}/.ansible"
-    SHIPPABLE_RESULT_DIR="$(pwd)/shippable"
-    TEST_DIR="${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/ansible/posix"
-    mkdir -p "${TEST_DIR}"
-    cp -aT "${SHIPPABLE_BUILD_DIR}" "${TEST_DIR}"
-    cd "${TEST_DIR}"
-else
-    export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../"
-fi
+export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../"
 
 # START: HACK install dependencies
 if [ "${ansible_version}" == "2.9" ] || [ "${ansible_version}" == "2.10" ]; then