Add changelog fragment

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
synchronize: use _find_needle instead
2026-01-12 07:35:31 +01:00 · 2024-07-17 15:58:15 -07:00 · 2024-07-17 15:57:04 -07:00
51 changed files with 379 additions and 1136 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@ -57,21 +57,6 @@ stages:
              test: units
            - name: Lint
              test: lint
  - stage: Sanity_2_18
    displayName: Ansible 2.18 sanity
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          nameFormat: "{0}"
          testFormat: 2.18/{0}
          targets:
            - name: Sanity
              test: sanity
            - name: Units
              test: units
            - name: Lint
              test: lint
  - stage: Sanity_2_17
    displayName: Ansible 2.17 sanity
    dependsOn: []
@ -121,20 +106,6 @@ stages:
      - template: templates/matrix.yml
        parameters:
          testFormat: devel/linux/{0}/1
          targets:
            - name: Fedora 41
              test: fedora41
            - name: Ubuntu 22.04
              test: ubuntu2204
            - name: Ubuntu 24.04
              test: ubuntu2404
  - stage: Docker_2_18
    displayName: Docker 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          testFormat: 2.18/linux/{0}/1
          targets:
            - name: Fedora 40
              test: fedora40
@ -152,6 +123,8 @@ stages:
          targets:
            - name: Fedora 39
              test: fedora39
            - name: Ubuntu 20.04
              test: ubuntu2004
            - name: Ubuntu 22.04
              test: ubuntu2204
  - stage: Docker_2_16
@ -166,6 +139,8 @@ stages:
              test: centos7
            - name: Fedora 38
              test: fedora38
            - name: Ubuntu 20.04
              test: ubuntu2004
            - name: Ubuntu 22.04
              test: ubuntu2204
@ -183,6 +158,8 @@ stages:
              test: fedora37
            - name: openSUSE 15 py3
              test: opensuse15
            - name: Ubuntu 20.04
              test: ubuntu2004
            - name: Ubuntu 22.04
              test: ubuntu2204
@ -194,20 +171,6 @@ stages:
      - template: templates/matrix.yml
        parameters:
          testFormat: devel/{0}/1
          targets:
            - name: RHEL 9.5
              test: rhel/9.5
            - name: FreeBSD 14.2
              test: freebsd/14.2
            - name: FreeBSD 13.5
              test: freebsd/13.5
  - stage: Remote_2_18
    displayName: Remote 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          testFormat: 2.18/{0}/1
          targets:
            - name: RHEL 9.4
              test: rhel/9.4
@ -271,9 +234,6 @@ stages:
      - Sanity_2_17
      - Remote_2_17
      - Docker_2_17
      - Sanity_2_18
      - Remote_2_18
      - Docker_2_18
      - Sanity_devel
      - Remote_devel
      - Docker_devel
--- a/.github/BOTMETA.yml
+++ b/.github/BOTMETA.yml
@ -40,6 +40,7 @@ files:
    labels: debug
  $plugins/patch.py:
    labels: patch
  $plugins/skippy.py:
  $plugins/synchronize.py:
    labels: synchronize
  $plugins/timer.py:
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -4,116 +4,6 @@ ansible.posix Release Notes
 .. contents:: Topics
 v2.0.0
 ======
 Release Summary
 ---------------
 This is the major release of the ``ansible.posix`` collection.
 This changelog contains all changes to the modules and plugins
 in this collection that have been added after the release of
 ``ansible.posix`` 1.6.2
 Minor Changes
 -------------
 - authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568)
 - callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387).
 Breaking Changes / Porting Guide
 --------------------------------
 - firewalld - Changed the type of forward and masquerade options from str to bool (https://github.com/ansible-collections/ansible.posix/issues/582).
 - firewalld - Changed the type of icmp_block_inversion option from str to bool (https://github.com/ansible-collections/ansible.posix/issues/586).
 Removed Features (previously deprecated)
 ----------------------------------------
 - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
 Bugfixes
 --------
 - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
 - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
 - mount - If a comment is appended to a fstab entry, state present creates a double-entry (https://github.com/ansible-collections/ansible.posix/issues/595).
 v1.6.2
 ======
 Release Summary
 ---------------
 This is the bugfix release of the stable version ``ansible.posix`` collection.
 This changelog contains all changes to the modules and plugins
 in this collection that have been added after the release of
 ``ansible.posix`` 1.6.1.
 Bugfixes
 --------
 - backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578).
 v1.6.1
 ======
 Release Summary
 ---------------
 This is the bugfix release of the stable version ``ansible.posix`` collection.
 This changelog contains all changes to the modules and plugins
 in this collection that have been added after the release of
 ``ansible.posix`` 1.6.1.
 Bugfixes
 --------
 - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
 - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
 - skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0 (https://github.com/ansible-collections/ansible.posix/issues/573).
 v1.6.0
 ======
 Release Summary
 ---------------
 This is the minor release of the ``ansible.posix`` collection.
 This changelog contains all changes to the modules and plugins
 in this collection that have been added after the release of
 ``ansible.posix`` 1.5.4.
 Major Changes
 -------------
 - Dropping support for Ansible 2.9, ansible-core 2.15 will be minimum required version for this release
 Minor Changes
 -------------
 - Add summary_only parameter to profile_roles and profile_tasks callbacks.
 - firewalld - add functionality to set forwarding (https://github.com/ansible-collections/ansible.posix/pull/548).
 - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
 - firewalld - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - firewalld_info - Only warn about ignored zones, when there are zones ignored.
 - firewalld_info - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - mount - add no_log option for opts parameter (https://github.com/ansible-collections/ansible.posix/pull/563).
 - seboolean - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 - selinux - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
 Removed Features (previously deprecated)
 ----------------------------------------
 - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
 Bugfixes
 --------
 - Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483).
 - seboolean - make it work with disabled SELinux
 - synchronize - maintain proper formatting of the remote paths (https://github.com/ansible-collections/ansible.posix/pull/361).
 - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
 v1.5.4
 ======
--- a/README.md
+++ b/README.md
@ -4,110 +4,84 @@
 https://dev.azure.com/ansible/ansible.posix/_apis/build/status/CI?branchName=main)](https://dev.azure.com/ansible/ansible.posix/_build?definitionId=26)
 [![Run Status](https://api.shippable.com/projects/5e669aaf8b17a60007e4d18d/badge?branch=main)]() <!--[![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/ansible.posix)](https://codecov.io/gh/ansible-collections/ansible.posix)-->
 ## Communication
 * Join the Ansible forum:
  * [Get Help](https://forum.ansible.com/c/help/6): get help or help others.
  * [Social Spaces](https://forum.ansible.com/c/chat/4): gather and interact with fellow enthusiasts.
  * [News & Announcements](https://forum.ansible.com/c/news/5): track project-wide announcements including social events.
 ## Description
 <!-- Describe the collection and why a user would want to use it. What does the collection do? -->
 An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems.
-## Requirements
+## Supported Versions of Ansible
 <!--start requires_ansible-->
 ## Ansible version compatibility
-* Python:
+This collection has been tested against following Ansible versions: **>=2.14**.
-  * The Python interpreter version must meet Ansible Core's requirements.
+<!--end requires_ansible-->
 * Ansible Core:
  - ansible-core 2.15 or later
-## Installation
+## Included content
 Check out [Ansible Galaxy](https://galaxy.ansible.com/ui/repo/published/ansible/posix/content/) or [the Ansible documentation](https://docs.ansible.com/ansible/devel/collections/ansible/posix/) for all modules and plugins included in this collection.
-Before using this collection, you need to install it with the Ansible Galaxy command-line tool:
+## Installing this collection
-```shell
+You can install the ``ansible.posix`` collection with the Ansible Galaxy CLI:
 ansible-galaxy collection install ansible.posix
 ```
-You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format:
+    ansible-galaxy collection install ansible.posix
 You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format:
 ```yaml
 ---
 collections:
  - name: ansible.posix
 ```
-Note that if you install any collections from Ansible Galaxy, they will not be upgraded automatically when you upgrade the Ansible package.
+## Using this collection
 To upgrade the collection to the latest available version, run the following command:
-```shell
+<!--Include some quick examples that cover the most common use cases for your collection content. -->
 ansible-galaxy collection install ansible.posix --upgrade
 ```
-You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report an issue in this repository). Use the following syntax to install version 1.0.0:
+See [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details.
-```shell
+## Contributing to this collection
 ansible-galaxy collection install ansible.posix:==1.0.0
 ```
-See [using Ansible collections](https://docs.ansible.com/ansible/devel/user_guide/collections_using.html) for more details.
+<!--Describe how the community can contribute to your collection. At a minimum, include how and where users can create issues to report problems or request features for this collection.  List contribution requirements, including preferred workflows and necessary testing, so you can benefit from community PRs. If you are following general Ansible contributor guidelines, you can link to - [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html). -->
-* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes.
+We welcome community contributions to this collection. See [Contributing to Ansible-maintained collections](https://docs.ansible.com/ansible/devel/community/contributing_maintained_collections.html#contributing-maintained-collections) for complete details.
 For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
 ## Use Cases
 You can see the general use-cases as an example by `ansible-doc` command like below.
 For example, ansible.posix.firewalld module:
 ```shell
 ansible-doc ansible.posix.firewalld
 ```
 Also, if you want to confirm the plugins descriptions, you can follow the following option with `ansible-doc` command:
 For example, ansible.posix.profile_tasks callback plugin:
 ```shell
 ansible-doc -t callback ansible.posix.profile_tasks
 ```
 ## Testing
 The following ansible-core versions have been tested with this collection:
 - ansible-core 2.19 (devel)
 - ansible-core 2.18 (stable) *
 - ansible-core 2.17 (stable)
 - ansible-core 2.16 (stable)
 - ansible-core 2.15 (stable)
 ## Contributing
 We welcome community contributions to this collection. For more details, see [Contributing to Ansible-maintained collections](https://docs.ansible.com/ansible/devel/community/contributing_maintained_collections.html#contributing-maintained-collections) for complete details.
 * [Issues](https://github.com/ansible-collections/ansible.posix/issues)
 * [Pull Requests](https://github.com/ansible-collections/ansible.posix/pulls)
 * [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html)
 ### Code of Conduct
 This collection follows the Ansible project's
 [Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html).
 Please read and familiarize yourself with this document.
-## Support
+## Release notes
 See [Communication](#Communication) section.
 ## Release Notes and Roadmap
 See [changelog](https://github.com/ansible-collections/ansible.posix/blob/main/CHANGELOG.rst) for more details.
-## Related Information
+## External requirements
-This document was written using the following [template](https://access.redhat.com/articles/7068606).
+None
-The README has been carefully prepared to cover the [community template](https://github.com/ansible-collections/collection_template/blob/main/README.md), but if you find any problems, please file a [documentation issue](https://github.com/ansible-collections/ansible.posix/issues/new?assignees=&labels=&projects=&template=documentation_report.md).
+## Tested with Ansible
-## License Information
+<!-- List the versions of Ansible the collection has been tested with. Must match what is in galaxy.yml. -->
 - ansible-core 2.17 (devel)
 - ansible-core 2.16 (stable)
 - ansible-core 2.15 (stable)
 - ansible-core 2.14 (stable)
 ## Roadmap
 <!-- Optional. Include the roadmap for this collection, and the proposed release/versioning strategy so users can anticipate the upgrade/update cycle. -->
 ## More information
 <!-- List out where the user can find additional information, such as working group meeting times, slack/IRC channels, or documentation for the product this collection automates. At a minimum, link to: -->
 - [Ansible Collection overview](https://github.com/ansible-collections/overview)
 - [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html)
 - [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html)
 - [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html)
 ## Licensing
 GNU General Public License v3.0 or later.
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@ -347,146 +347,3 @@ releases:
    - 451_firewall_fix_protocol_parameter.yml
    - 456_sysctl_fix_nonetype.yml
    release_date: '2023-05-10'
  1.6.0:
    changes:
      bugfixes:
      - Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483).
      - seboolean - make it work with disabled SELinux
      - synchronize - maintain proper formatting of the remote paths (https://github.com/ansible-collections/ansible.posix/pull/361).
      - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
      major_changes:
      - Dropping support for Ansible 2.9, ansible-core 2.15 will be minimum required
        version for this release
      minor_changes:
      - Add summary_only parameter to profile_roles and profile_tasks callbacks.
      - firewalld - add functionality to set forwarding (https://github.com/ansible-collections/ansible.posix/pull/548).
      - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
      - firewalld - respawn module to use the system python interpreter when the ``firewall``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      - firewalld_info - Only warn about ignored zones, when there are zones ignored.
      - firewalld_info - respawn module to use the system python interpreter when
        the ``firewall`` python module is not available for ``ansible_python_interpreter``
        (https://github.com/ansible-collections/ansible.posix/pull/460).
      - mount - add no_log option for opts parameter (https://github.com/ansible-collections/ansible.posix/pull/563).
      - seboolean - respawn module to use the system python interpreter when the ``selinux``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      - selinux - respawn module to use the system python interpreter when the ``selinux``
        python module is not available for ``ansible_python_interpreter`` (https://github.com/ansible-collections/ansible.posix/pull/460).
      release_summary: 'This is the minor release of the ``ansible.posix`` collection.
        This changelog contains all changes to the modules and plugins
        in this collection that have been added after the release of
        ``ansible.posix`` 1.5.4.'
      removed_features:
      - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
    fragments:
    - 1.6.0.yml
    - 206_fix_sysctl_to_work_on_symlinks.yml
    - 333_doc_absent_precision.yml
    - 361_maintain_proper_formating_remote_paths.yml
    - 421-remove-deprecation-warning.yml
    - 460-respawn.yaml
    - 466-tests.yml
    - 477_ci_update.yml
    - 484-firewalld-offline.yml
    - 487_ci_update.yml
    - 490_doc_authorized_key_path.yml
    - 496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
    - 504-firewalld_info-warning.yaml
    - 508_ci_update.yml
    - 510_ci_update.yml
    - 511_profile-callbacks-add-summary-only-parameter.yml
    - 548_add_foward.yml
    - 556_remove_skippy_callback.yml
    - 562_update_core_version.yml
    - 563_add_no_log_option.yml
    - dropping-ansible29.yml
    - test-reqs.yml
    release_date: '2024-09-11'
  1.6.1:
    changes:
      bugfixes:
      - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
      - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
      - skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0
        (https://github.com/ansible-collections/ansible.posix/issues/573).
      release_summary: 'This is the bugfix release of the stable version ``ansible.posix``
        collection.
        This changelog contains all changes to the modules and plugins
        in this collection that have been added after the release of
        ``ansible.posix`` 1.6.1.'
    fragments:
    - 1.6.1.yml
    - 365-boot-linux.yml
    - 566_bump_version_161.yml
    - 567_remove_version_added.yml
    - 570_nfs4_acl.yml
    - 571_ci_bump_core_version.yml
    - 572_revert_removal_of_skippy.yml
    release_date: '2024-10-11'
  1.6.2:
    changes:
      bugfixes:
      - backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578).
      release_summary: 'This is the bugfix release of the stable version ``ansible.posix``
        collection.
        This changelog contains all changes to the modules and plugins
        in this collection that have been added after the release of
        ``ansible.posix`` 1.6.1.'
    fragments:
    - 1.6.2.yml
    - 580_drop_ansible214.yml
    release_date: '2024-10-22'
  2.0.0:
    changes:
      breaking_changes:
      - firewalld - Changed the type of forward and masquerade options from str to
        bool (https://github.com/ansible-collections/ansible.posix/issues/582).
      - firewalld - Changed the type of icmp_block_inversion option from str to bool
        (https://github.com/ansible-collections/ansible.posix/issues/586).
      bugfixes:
      - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
      - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
      - mount - If a comment is appended to a fstab entry, state present creates a
        double-entry (https://github.com/ansible-collections/ansible.posix/issues/595).
      minor_changes:
      - authorized_keys - allow using absolute path to a file as a SSH key(s) source
        (https://github.com/ansible-collections/ansible.posix/pull/568)
      - callback plugins - Add recap information to timer, profile_roles and profile_tasks
        callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387).
      release_summary: 'This is the major release of the ``ansible.posix`` collection.
        This changelog contains all changes to the modules and plugins
        in this collection that have been added after the release of
        ``ansible.posix`` 1.6.2'
      removed_features:
      - skippy - Remove skippy pluglin as it is no longer supported(https://github.com/ansible-collections/ansible.posix/issues/350).
    fragments:
    - 2.0.0.yml
    - 365-boot-linux.yml
    - 387_callback_output_header.yml
    - 556_remove_skippy_callback.yml
    - 566_bump_version_161.yml
    - 567_remove_version_added.yml
    - 568_update_authorized_key.yml
    - 570_nfs4_acl.yml
    - 571_ci_bump_core_version.yml
    - 576_bump_version_2.yml
    - 581_ci_selinux.yml
    - 584_firewalld_opt_type.yml
    - 587_update_README.yml
    - 588_ci_enable_devel.yml
    - 593_replace_freebsd_version.yml
    - 597_remove_fstab_comment_on_updating.yml
    - 598_icmp_block_inversion.yml
    release_date: '2024-12-04'
--- a/changelogs/fragments/206_fix_sysctl_to_work_on_symlinks.yml
+++ b/changelogs/fragments/206_fix_sysctl_to_work_on_symlinks.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
 - sysctl - fix sysctl to work properly on symlinks (https://github.com/ansible-collections/ansible.posix/issues/111).
--- a/changelogs/fragments/333_doc_absent_precision.yml
+++ b/changelogs/fragments/333_doc_absent_precision.yml
@ -0,0 +1,4 @@
 ---
 trivial:
 - mount - fix description in the documentation of the state ``absent`` to match its actual behavior
  and point out that ``src`` is ignored with state ``absent`` and ``unmounted`` (https://github.com/ansible-collections/ansible.posix/issues/322)
--- a/changelogs/fragments/421-remove-deprecation-warning.yml
+++ b/changelogs/fragments/421-remove-deprecation-warning.yml
@ -0,0 +1,2 @@
 trivial:
  - synchronize - instantiate the connection plugin without the ``new_stdin`` argument, which is deprecated in ansible-core 2.15 (https://github.com/ansible-collections/ansible.posix/pull/421).
--- a/changelogs/fragments/460-respawn.yaml
+++ b/changelogs/fragments/460-respawn.yaml
@ -0,0 +1,10 @@
 ---
 minor_changes:
  - "seboolean - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "selinux - respawn module to use the system python interpreter when the ``selinux`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "firewalld - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
  - "firewalld_info - respawn module to use the system python interpreter when the ``firewall`` python module is not available for ``ansible_python_interpreter``
    (https://github.com/ansible-collections/ansible.posix/pull/460)."
--- a/changelogs/fragments/466-tests.yml
+++ b/changelogs/fragments/466-tests.yml
@ -0,0 +1,2 @@
 trivial:
  - "Fix integration tests so they work with ansible-core devel / 2.16 (https://github.com/ansible-collections/ansible.posix/pull/466)."
--- a/changelogs/fragments/477_ci_update.yml
+++ b/changelogs/fragments/477_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Drop Python3.9 and update versions of RHEL,Fedora and FreeBSD for ansible-core:devel test(https://github.com/ansible-collections/ansible.posix/issues/476)."
--- a/changelogs/fragments/484-firewalld-offline.yml
+++ b/changelogs/fragments/484-firewalld-offline.yml
@ -0,0 +1,2 @@
 minor_changes:
  - firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)
--- a/changelogs/fragments/487_ci_update.yml
+++ b/changelogs/fragments/487_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Drop FreeBSD12.4 from CI for ansible-core:devel(https://github.com/ansible-collections/ansible.posix/issues/486)."
--- a/changelogs/fragments/490_doc_authorized_key_path.yml
+++ b/changelogs/fragments/490_doc_authorized_key_path.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - "Bugfix in the documentation regarding the path option for authorised_key(https://github.com/ansible-collections/ansible.posix/issues/483)."
--- a/changelogs/fragments/496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
+++ b/changelogs/fragments/496_seboolean-make-it-wrk-with-SELinux-disabled.yaml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - seboolean - make it work with disabled SELinux
--- a/changelogs/fragments/504-firewalld_info-warning.yaml
+++ b/changelogs/fragments/504-firewalld_info-warning.yaml
@ -0,0 +1,2 @@
 minor_changes:
  - firewalld_info - Only warn about ignored zones, when there are zones ignored.
--- a/changelogs/fragments/508_ci_update.yml
+++ b/changelogs/fragments/508_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Refactoring remote CI targets."
--- a/changelogs/fragments/510_ci_update.yml
+++ b/changelogs/fragments/510_ci_update.yml
@ -0,0 +1,3 @@
 ---
 trivial:
  - "Replace Fedora 38 with 39 for container test(https://github.com/ansible-collections/ansible.posix/issues/509)."
--- a/changelogs/fragments/511_profile-callbacks-add-summary-only-parameter.yml
+++ b/changelogs/fragments/511_profile-callbacks-add-summary-only-parameter.yml
@ -0,0 +1,3 @@
 ---
 minor_changes:
  - "Add summary_only parameter to profile_roles and profile_tasks callbacks."
--- a/changelogs/fragments/603_bump_version_3.yml
+++ b/changelogs/fragments/603_bump_version_3.yml
@ -1,2 +0,0 @@
 trivial:
  - Bump version to 3.0.0 for the next release (https://github.com/ansible-collections/ansible.posix/issues/603).
--- a/changelogs/fragments/618_ci_remove_ubuntu2004.yml
+++ b/changelogs/fragments/618_ci_remove_ubuntu2004.yml
@ -1,2 +0,0 @@
 trivial:
  - Remove ubuntu20.04 from CI tests (https://github.com/ansible-collections/ansible.posix/issues/612).
--- a/changelogs/fragments/626_profile_tasks_datetime_format.yml
+++ b/changelogs/fragments/626_profile_tasks_datetime_format.yml
@ -1,3 +0,0 @@
 ---
 minor_changes:
  - profile_tasks - Add option to provide a different date/time format (https://github.com/ansible-collections/ansible.posix/issues/279).
--- a/changelogs/fragments/631_fixes_module_path.yml
+++ b/changelogs/fragments/631_fixes_module_path.yml
@ -1,6 +0,0 @@
 ---
 bugfixes:
  - ansible.posix.cgroup_perf_recap - fixes json module load path (https://github.com/ansible-collections/ansible.posix/issues/630).
 trivial:
  - ansible.posix.seboolean - remove unnecessary condition from seboolean integration tests (https://github.com/ansible-collections/ansible.posix/issues/630).
  - ansible.posix.selinux - optimize conditions for selinux integration tests (https://github.com/ansible-collections/ansible.posix/issues/630).
--- a/changelogs/fragments/dropping-ansible29.yml
+++ b/changelogs/fragments/dropping-ansible29.yml
@ -0,0 +1,2 @@
 major_changes:
  - "Dropping support for Ansible 2.9, ansible-core 2.14 will be minimum required version for this release"
--- a/changelogs/fragments/test-reqs.yml
+++ b/changelogs/fragments/test-reqs.yml
@ -0,0 +1,2 @@
 trivial:
  - "Move Galaxy test requirements from old transitional format in tests/requirements.yml to standard Ansible Galaxy requirements files in tests/integration/requirements.yml and tests/unit/requirements.yml."
--- a/galaxy.yml
+++ b/galaxy.yml
@ -1,7 +1,7 @@
 ---
 namespace: ansible
 name: posix
-version: 3.0.0
+version: 1.5.4
 readme: README.md
 authors:
  - Ansible (github.com/ansible)
@ -10,6 +10,6 @@ license_file: COPYING
 tags: [posix, networking, shell, unix]
 dependencies: {}
 repository: https://github.com/ansible-collections/ansible.posix
-documentation: https://docs.ansible.com/ansible/latest/collections/ansible/posix/
+documentation: https://github.com/ansible-collections/ansible.posix/tree/main/docs
 homepage: https://github.com/ansible-collections/ansible.posix
 issues: https://github.com/ansible-collections/ansible.posix
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@ -1,2 +1,8 @@
 ---
-requires_ansible: ">=2.15.0"
+requires_ansible: ">=2.14.0"
 plugin_routing:
  callback:
    skippy:
      deprecation:
        removal_date: "2022-06-01"
        warning_text: See the plugin documentation for more details
--- a/plugins/action/synchronize.py
+++ b/plugins/action/synchronize.py
@ -74,14 +74,7 @@ class ActionModule(ActionBase):
        if self._host_is_ipv6_address(host):
            return '[%s%s]:%s' % (user_prefix, host, path)
-
+        return '%s%s:%s' % (user_prefix, host, path)
        # preserve formatting of remote paths if host or user@host is explicitly defined in the path
        if ':' not in path:
            return '%s%s:%s' % (user_prefix, host, path)
        elif '@' not in path:
            return '%s%s' % (user_prefix, path)
        else:
            return path
    def _process_origin(self, host, path, user):
--- a/plugins/callback/cgroup_perf_recap.py
+++ b/plugins/callback/cgroup_perf_recap.py
@ -132,7 +132,6 @@ DOCUMENTATION = '''
 import csv
 import datetime
 import json
 import os
 import time
 import threading
@ -143,7 +142,7 @@ from functools import partial
 from ansible.module_utils._text import to_bytes, to_text
 from ansible.module_utils.six import with_metaclass
-from ansible.parsing.ajson import AnsibleJSONEncoder
+from ansible.parsing.ajson import AnsibleJSONEncoder, json
 from ansible.plugins.callback import CallbackBase
--- a/plugins/callback/profile_roles.py
+++ b/plugins/callback/profile_roles.py
@ -128,10 +128,7 @@ class CallbackModule(CallbackBase):
        self._display_tasktime()
    def playbook_on_stats(self, stats):
-        # Align summary report header with other callback plugin summary
+        self._display_tasktime()
        self._display.banner("ROLES RECAP")
        self._display.display(tasktime())
        self._display.display(filled("", fchar="="))
        timestamp(self)
--- a/plugins/callback/profile_tasks.py
+++ b/plugins/callback/profile_tasks.py
@ -52,17 +52,6 @@ DOCUMENTATION = '''
          - section: callback_profile_tasks
            key: summary_only
        version_added: 1.5.0
      datetime_format:
        description:
          - Datetime format, as expected by the C(strftime) and C(strptime) methods.
            An C(iso8601) alias will be translated to C('%Y-%m-%dT%H:%M:%S.%f') if that datetime standard wants to be used.
        default: '%A %d %B %Y  %H:%M:%S %z'
        env:
          - name: PROFILE_TASKS_DATETIME_FORMAT
        ini:
          - section: callback_profile_tasks
            key: datetime_format
        version_added: 3.0.0
 '''
 EXAMPLES = '''
@ -83,15 +72,14 @@ sample output: >
 '''
 import collections
-
+import time
 from datetime import datetime
 from ansible.module_utils.six.moves import reduce
 from ansible.plugins.callback import CallbackBase
 # define start time
-dt0 = dtn = datetime.now().astimezone()
+t0 = tn = time.time()
 def secondsToStr(t):
@ -116,18 +104,17 @@ def filled(msg, fchar="*"):
 def timestamp(self):
    if self.current is not None:
-        elapsed = (datetime.now().astimezone() - self.stats[self.current]['started']).total_seconds()
+        elapsed = time.time() - self.stats[self.current]['started']
        self.stats[self.current]['elapsed'] += elapsed
-def tasktime(self):
+def tasktime():
-    global dtn
+    global tn
-    cdtn = datetime.now().astimezone()
+    time_current = time.strftime('%A %d %B %Y  %H:%M:%S %z')
-    datetime_current = cdtn.strftime(self.datetime_format)
+    time_elapsed = secondsToStr(time.time() - tn)
-    time_elapsed = secondsToStr((cdtn - dtn).total_seconds())
+    time_total_elapsed = secondsToStr(time.time() - t0)
-    time_total_elapsed = secondsToStr((cdtn - dt0).total_seconds())
+    tn = time.time()
-    dtn = cdtn
+    return filled('%s (%s)%s%s' % (time_current, time_elapsed, ' ' * 7, time_total_elapsed))
    return filled('%s (%s)%s%s' % (datetime_current, time_elapsed, ' ' * 7, time_total_elapsed))
 class CallbackModule(CallbackBase):
@ -147,7 +134,6 @@ class CallbackModule(CallbackBase):
        self.sort_order = None
        self.summary_only = None
        self.task_output_limit = None
        self.datetime_format = None
        super(CallbackModule, self).__init__()
@ -173,14 +159,9 @@ class CallbackModule(CallbackBase):
            else:
                self.task_output_limit = int(self.task_output_limit)
        self.datetime_format = self.get_option('datetime_format')
        if self.datetime_format is not None:
            if self.datetime_format == 'iso8601':
                self.datetime_format = '%Y-%m-%dT%H:%M:%S.%f'
    def _display_tasktime(self):
        if not self.summary_only:
-            self._display.display(tasktime(self))
+            self._display.display(tasktime())
    def _record_task(self, task):
        """
@ -195,11 +176,10 @@ class CallbackModule(CallbackBase):
        #            with the same UUID is executed when `serial` is specified in a playbook.
        #   elapsed: Elapsed time since the first serialized task was started
        self.current = task._uuid
        dtn = datetime.now().astimezone()
        if self.current not in self.stats:
-            self.stats[self.current] = {'started': dtn, 'elapsed': 0.0, 'name': task.get_name()}
+            self.stats[self.current] = {'started': time.time(), 'elapsed': 0.0, 'name': task.get_name()}
        else:
-            self.stats[self.current]['started'] = dtn
+            self.stats[self.current]['started'] = time.time()
        if self._display.verbosity >= 2:
            self.stats[self.current]['path'] = task.get_path()
@ -213,10 +193,7 @@ class CallbackModule(CallbackBase):
        self._display_tasktime()
    def playbook_on_stats(self, stats):
-        # Align summary report header with other callback plugin summary
+        self._display_tasktime()
        self._display.banner("TASKS RECAP")
        self._display.display(tasktime(self))
        self._display.display(filled("", fchar="="))
        timestamp(self)
--- a/plugins/callback/skippy.py
+++ b/plugins/callback/skippy.py
@ -0,0 +1,43 @@
 # (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
 # (c) 2017 Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 # Make coding more python3-ish
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 DOCUMENTATION = '''
    name: skippy
    type: stdout
    requirements:
      - set as main display callback
    short_description: Ansible screen output that ignores skipped status
    deprecated:
      why: The 'default' callback plugin now supports this functionality
      removed_at_date: '2022-06-01'
      alternative: "'default' callback plugin with 'display_skipped_hosts = no' option"
    extends_documentation_fragment:
      - default_callback
    description:
      - This callback does the same as the default except it does not output skipped host/task/item status
 '''
 from ansible.plugins.callback.default import CallbackModule as CallbackModule_default
 class CallbackModule(CallbackModule_default):
    '''
    This is the default callback interface, which simply prints messages
    to stdout when new callback events are received.
    '''
    CALLBACK_VERSION = 2.0
    CALLBACK_TYPE = 'stdout'
    CALLBACK_NAME = 'ansible.posix.skippy'
    def v2_runner_on_skipped(self, result):
        pass
    def v2_runner_item_on_skipped(self, result):
        pass
--- a/plugins/callback/timer.py
+++ b/plugins/callback/timer.py
@ -46,6 +46,4 @@ class CallbackModule(CallbackBase):
    def v2_playbook_on_stats(self, stats):
        end_time = datetime.utcnow()
        runtime = end_time - self.start_time
-        # Align summary report header with other callback plugin summary
+        self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds" % (self.days_hours_minutes_seconds(runtime)))
        self._display.banner("PLAYBOOK RECAP")
        self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds\n\r" % (self.days_hours_minutes_seconds(runtime)))
--- a/plugins/modules/acl.py
+++ b/plugins/modules/acl.py
@ -75,10 +75,6 @@ options:
  use_nfsv4_acls:
    description:
    - Use NFSv4 ACLs instead of POSIX ACLs.
    - This feature uses C(nfs4_setfacl) and C(nfs4_getfacl). The behavior depends on those implementation.
      And currently it only supports C(A) in ACE, so C(D) must be replaced with the appropriate C(A).
    - Permission is set as optimised ACLs by the system. You can check the actual ACLs that has been set using the return value.
    - More info C(man nfs4_setfacl)
    type: bool
    default: false
  recalculate_mask:
@ -183,7 +179,7 @@ def split_entry(entry):
 def build_entry(etype, entity, permissions=None, use_nfsv4_acls=False):
    '''Builds and returns an entry string. Does not include the permissions bit if they are not provided.'''
    if use_nfsv4_acls:
-        return ':'.join(['A', 'g' if etype == 'group' else '', entity, permissions + 'tcy'])
+        return ':'.join([etype, entity, permissions, 'allow'])
    if permissions:
        return etype + ':' + entity + ':' + permissions
@ -191,27 +187,22 @@ def build_entry(etype, entity, permissions=None, use_nfsv4_acls=False):
    return etype + ':' + entity
-def build_command(module, mode, path, follow, default, recursive, recalculate_mask, use_nfsv4_acls, entry=''):
+def build_command(module, mode, path, follow, default, recursive, recalculate_mask, entry=''):
    '''Builds and returns a getfacl/setfacl command.'''
    if mode == 'set':
-        cmd = [module.get_bin_path('nfs4_setfacl' if use_nfsv4_acls else 'setfacl', True)]
+        cmd = [module.get_bin_path('setfacl', True)]
-        cmd.extend(['-a' if use_nfsv4_acls else '-m', entry])
+        cmd.extend(['-m', entry])
    elif mode == 'rm':
-        cmd = [module.get_bin_path('nfs4_setfacl' if use_nfsv4_acls else 'setfacl', True)]
+        cmd = [module.get_bin_path('setfacl', True)]
        cmd.extend(['-x', entry])
    else:  # mode == 'get'
        cmd = [module.get_bin_path('getfacl', True)]
        # prevents absolute path warnings and removes headers
        if platform.system().lower() == 'linux':
            if use_nfsv4_acls:
                # use nfs4_getfacl instead of getfacl if use_nfsv4_acls is True
                cmd = [module.get_bin_path('nfs4_getfacl', True)]
            else:
                cmd = [module.get_bin_path('getfacl', True)]
                cmd.append('--absolute-names')
            cmd.append('--omit-header')
            cmd.append('--absolute-names')
-    if recursive and not use_nfsv4_acls:
+    if recursive:
        cmd.append('--recursive')
    if recalculate_mask == 'mask' and mode in ['set', 'rm']:
@ -219,7 +210,7 @@ def build_command(module, mode, path, follow, default, recursive, recalculate_ma
    elif recalculate_mask == 'no_mask' and mode in ['set', 'rm']:
        cmd.append('--no-mask')
-    if not follow and not use_nfsv4_acls:
+    if not follow:
        if platform.system().lower() == 'linux':
            cmd.append('--physical')
        elif platform.system().lower() == 'freebsd':
@ -232,34 +223,24 @@ def build_command(module, mode, path, follow, default, recursive, recalculate_ma
    return cmd
-def acl_changed(module, cmd, entry, use_nfsv4_acls=False):
+def acl_changed(module, cmd):
    '''Returns true if the provided command affects the existing ACLs, false otherwise.'''
-    # To check the ACL changes, use the output of setfacl or nfs4_setfacl with '--test'.
+    # FreeBSD do not have a --test flag, so by default, it is safer to always say "true"
    # FreeBSD do not have a --test flag, so by default, it is safer to always say "true".
    if platform.system().lower() == 'freebsd':
        return True
    cmd = cmd[:]  # lists are mutables so cmd would be overwritten without this
    cmd.insert(1, '--test')
    lines = run_acl(module, cmd)
    counter = 0
    for line in lines:
        if line.endswith('*,*') and not use_nfsv4_acls:
            return False
        # if use_nfsv4_acls and entry is listed
        if use_nfsv4_acls and entry == line:
            counter += 1
-    # The current 'nfs4_setfacl --test' lists a new entry,
+    for line in lines:
-    #  which will be added at the top of list, followed by the existing entries.
+        if not line.endswith('*,*'):
-    # So if the entry has already been registered, the entry should be find twice.
+            return True
-    if counter == 2:
+    return False
        return False
    return True
 def run_acl(module, cmd, check_rc=True):
-    '''Runs the provided command and returns the output as a list of lines.'''
+
    try:
        (rc, out, err) = module.run_command(cmd, check_rc=check_rc)
    except Exception as e:
@ -332,7 +313,7 @@ def main():
            module.fail_json(msg="'recalculate_mask' MUST NOT be set to 'mask' or 'no_mask' when 'state=query'.")
    if not entry:
-        if state == 'absent' and permissions and not use_nfsv4_acls:
+        if state == 'absent' and permissions:
            module.fail_json(msg="'permissions' MUST NOT be set when 'state=absent'.")
        if state == 'absent' and not entity:
@ -369,24 +350,21 @@ def main():
        entry = build_entry(etype, entity, permissions, use_nfsv4_acls)
        command = build_command(
            module, 'set', path, follow,
-            default, recursive, recalculate_mask, use_nfsv4_acls, entry
+            default, recursive, recalculate_mask, entry
        )
-        changed = acl_changed(module, command, entry, use_nfsv4_acls)
+        changed = acl_changed(module, command)
        if changed and not module.check_mode:
            run_acl(module, command)
        msg = "%s is present" % entry
    elif state == 'absent':
-        if use_nfsv4_acls:
+        entry = build_entry(etype, entity, use_nfsv4_acls)
            entry = build_entry(etype, entity, permissions, use_nfsv4_acls)
        else:
            entry = build_entry(etype, entity, use_nfsv4_acls)
        command = build_command(
            module, 'rm', path, follow,
-            default, recursive, recalculate_mask, use_nfsv4_acls, entry
+            default, recursive, recalculate_mask, entry
        )
-        changed = acl_changed(module, command, entry, use_nfsv4_acls)
+        changed = acl_changed(module, command)
        if changed and not module.check_mode:
            run_acl(module, command, False)
@ -397,10 +375,7 @@ def main():
    acl = run_acl(
        module,
-        build_command(
+        build_command(module, 'get', path, follow, default, recursive, recalculate_mask)
            module, 'get', path, follow, default, recursive,
            recalculate_mask, use_nfsv4_acls
        )
    )
    module.exit_json(changed=changed, msg=msg, acl=acl)
--- a/plugins/modules/authorized_key.py
+++ b/plugins/modules/authorized_key.py
@ -24,7 +24,6 @@ options:
  key:
    description:
      - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
      - You can also use V(file://) prefix to search remote for a file with SSH key(s).
    type: str
    required: true
  path:
@ -97,12 +96,6 @@ EXAMPLES = r'''
    state: present
    key: https://github.com/charlie.keys
 - name: Set authorized keys taken from path on controller node
  ansible.posix.authorized_key:
    user: charlie
    state: present
    key: file:///home/charlie/.ssh/id_rsa.pub
 - name: Set authorized keys taken from url using lookup
  ansible.posix.authorized_key:
    user: charlie
@ -230,7 +223,6 @@ from operator import itemgetter
 from ansible.module_utils._text import to_native
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.urls import fetch_url
 from ansible.module_utils.six.moves.urllib.parse import urlparse
 class keydict(dict):
@ -564,7 +556,7 @@ def enforce_state(module, params):
    follow = params.get('follow', False)
    error_msg = "Error getting key from: %s"
-    # if the key is a url or file, request it and use it as key source
+    # if the key is a url, request it and use it as key source
    if key.startswith("http"):
        try:
            resp, info = fetch_url(module, key)
@ -578,19 +570,6 @@ def enforce_state(module, params):
        # resp.read gives bytes on python3, convert to native string type
        key = to_native(key, errors='surrogate_or_strict')
    if key.startswith("file"):
        # if the key is an absolute path, check for existense and use it as a key source
        key_path = urlparse(key).path
        if not os.path.exists(key_path):
            module.fail_json(msg="Path to a key file not found: %s" % key_path)
        if not os.path.isfile(key_path):
            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key_path)
        try:
            with open(key_path, 'r') as source_fh:
                key = source_fh.read()
        except OSError as e:
            module.fail_json(msg="Failed to read key file %s : %s" % (key_path, to_native(e)))
    # extract individual keys into an array, skipping blank lines and comments
    new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
--- a/plugins/modules/firewalld.py
+++ b/plugins/modules/firewalld.py
@ -74,8 +74,7 @@ options:
  icmp_block_inversion:
    description:
      - Enable/Disable inversion of ICMP blocks for a zone in firewalld.
-      - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later.
+    type: str
    type: bool
  zone:
    description:
      - The firewalld zone to add/remove to/from.
@ -109,17 +108,10 @@ options:
      - The amount of time in seconds the rule should be in effect for when non-permanent.
    type: int
    default: 0
  forward:
    description:
      - The forward setting you would like to enable/disable to/from zones within firewalld.
      - This option only is supported by firewalld v0.9.0 or later.
      - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later.
    type: bool
  masquerade:
    description:
      - The masquerade setting you would like to enable/disable to/from zones within firewalld.
-      - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later.
+    type: str
    type: bool
  offline:
    description:
      - Ignores O(immediate) if O(permanent=true) and firewalld is not running.
@ -146,14 +138,14 @@ notes:
  - This module needs C(python-firewall) or C(python3-firewall) on managed nodes.
    It is usually provided as a subset with C(firewalld) from the OS distributor for the OS default Python interpreter.
 requirements:
- firewalld >= 0.9.0
+- firewalld >= 0.2.11
- python-firewall >= 0.9.0
+- python-firewall >= 0.2.11
 author:
 - Adam Miller (@maxamillion)
 '''
 EXAMPLES = r'''
- name: Permanently enable https service, also enable it immediately if possible
+- name: permanently enable https service, also enable it immediately if possible
  ansible.posix.firewalld:
    service: https
    state: enabled
@ -161,92 +153,75 @@ EXAMPLES = r'''
    immediate: true
    offline: true
- name: Permit traffic in default zone for https service
+- name: permit traffic in default zone for https service
  ansible.posix.firewalld:
    service: https
    permanent: true
    state: enabled
- name: Permit ospf traffic
+- name: permit ospf traffic
  ansible.posix.firewalld:
    protocol: ospf
    permanent: true
    state: enabled
- name: Do not permit traffic in default zone on port 8081/tcp
+- name: do not permit traffic in default zone on port 8081/tcp
  ansible.posix.firewalld:
    port: 8081/tcp
    permanent: true
    state: disabled
- name: Permit traffic in default zone on port 161-162/ucp
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    port: 161-162/udp
    permanent: true
    state: enabled
- name: Permit traffic in dmz zone on http service
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: dmz
    service: http
    permanent: true
    state: enabled
- name: Enable FTP service with rate limiting using firewalld rich rule
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    rich_rule: rule service name="ftp" audit limit value="1/m" accept
    permanent: true
    state: enabled
- name: Allow traffic from 192.0.2.0/24 in internal zone
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    source: 192.0.2.0/24
    zone: internal
    state: enabled
- name: Assign eth2 interface to trusted zone
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: trusted
    interface: eth2
    permanent: true
    state: enabled
- name: Enable forwarding in internal zone
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    forward: true
    state: enabled
    permanent: true
    zone: internal
 - name: Enable masquerade in dmz zone
  ansible.posix.firewalld:
    masquerade: true
    state: enabled
    permanent: true
    zone: dmz
- name: Create custom zone if not already present
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: custom
    state: present
    permanent: true
- name: Enable ICMP block inversion in drop zone
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: drop
    state: enabled
    permanent: true
    icmp_block_inversion: true
- name: Block ICMP echo requests in drop zone
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: drop
    state: enabled
    permanent: true
    icmp_block: echo-request
- name: Set internal zone target to ACCEPT
+- ansible.posix.firewalld:
  ansible.posix.firewalld:
    zone: internal
    state: present
    permanent: true
@ -262,6 +237,7 @@ EXAMPLES = r'''
 '''
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.parsing.convert_bool import boolean
 from ansible_collections.ansible.posix.plugins.module_utils.firewalld import FirewallTransaction, fw_offline
 try:
@ -429,49 +405,6 @@ class ProtocolTransaction(FirewallTransaction):
        self.update_fw_settings(fw_zone, fw_settings)
 class ForwardTransaction(FirewallTransaction):
    """
    ForwardTransaction
    """
    def __init__(self, module, action_args=None, zone=None, desired_state=None, permanent=False, immediate=False):
        super(ForwardTransaction, self).__init__(
            module, action_args=action_args, desired_state=desired_state, zone=zone, permanent=permanent, immediate=immediate
        )
        self.enabled_msg = "Added forward to zone %s" % self.zone
        self.disabled_msg = "Removed forward from zone %s" % self.zone
    def get_enabled_immediate(self):
        if self.fw.queryForward(self.zone) is True:
            return True
        else:
            return False
    def get_enabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        if fw_settings.queryForward() is True:
            return True
        else:
            return False
    def set_enabled_immediate(self):
        self.fw.addForward(self.zone)
    def set_enabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        fw_settings.setForward(True)
        self.update_fw_settings(fw_zone, fw_settings)
    def set_disabled_immediate(self):
        self.fw.removeForward(self.zone)
    def set_disabled_permanent(self):
        fw_zone, fw_settings = self.get_fw_zone_settings()
        fw_settings.setForward(False)
        self.update_fw_settings(fw_zone, fw_settings)
 class MasqueradeTransaction(FirewallTransaction):
    """
    MasqueradeTransaction
@ -875,7 +808,7 @@ def main():
    module = AnsibleModule(
        argument_spec=dict(
            icmp_block=dict(type='str'),
-            icmp_block_inversion=dict(type='bool'),
+            icmp_block_inversion=dict(type='str'),
            service=dict(type='str'),
            protocol=dict(type='str'),
            port=dict(type='str'),
@ -888,8 +821,7 @@ def main():
            state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
            timeout=dict(type='int', default=0),
            interface=dict(type='str'),
-            forward=dict(type='bool'),
+            masquerade=dict(type='str'),
            masquerade=dict(type='bool'),
            offline=dict(type='bool', default=False),
            target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
        ),
@ -901,7 +833,7 @@ def main():
        ),
        mutually_exclusive=[
            ['icmp_block', 'icmp_block_inversion', 'service', 'protocol', 'port', 'port_forward', 'rich_rule',
-             'interface', 'forward', 'masquerade', 'source', 'target']
+             'interface', 'masquerade', 'source', 'target']
        ],
    )
@ -910,7 +842,6 @@ def main():
    immediate = module.params['immediate']
    timeout = module.params['timeout']
    interface = module.params['interface']
    forward = module.params['forward']
    masquerade = module.params['masquerade']
    offline = module.params['offline']
@ -974,7 +905,7 @@ def main():
    modification = False
    if any([icmp_block, icmp_block_inversion, service, protocol, port, port_forward, rich_rule,
-            interface, forward, masquerade, source, target]):
+            interface, masquerade, source, target]):
        modification = True
    if modification and desired_state in ['absent', 'present'] and target is None:
        module.fail_json(
@ -998,7 +929,16 @@ def main():
            msgs.append("Changed icmp-block %s to %s" % (icmp_block, desired_state))
    if icmp_block_inversion is not None:
-        expected_state = 'enabled' if (desired_state == 'enabled') == icmp_block_inversion else 'disabled'
+        # Type of icmp_block_inversion will be changed to boolean in a future release.
        icmp_block_inversion_status = True
        try:
            icmp_block_inversion_status = boolean(icmp_block_inversion, True)
        except TypeError:
            module.warn('The value of the icmp_block_inversion option is "%s". '
                        'The type of the option will be changed from string to boolean in a future release. '
                        'To avoid unexpected behavior, please change the value to boolean.' % icmp_block_inversion)
        expected_state = 'enabled' if (desired_state == 'enabled') == icmp_block_inversion_status else 'disabled'
        transaction = IcmpBlockInversionTransaction(
            module,
            action_args=(),
@ -1132,22 +1072,17 @@ def main():
        changed, transaction_msgs = transaction.run()
        msgs = msgs + transaction_msgs
    if forward is not None:
        expected_state = 'enabled' if (desired_state == 'enabled') == forward else 'disabled'
        transaction = ForwardTransaction(
            module,
            action_args=(),
            zone=zone,
            desired_state=expected_state,
            permanent=permanent,
            immediate=immediate,
        )
        changed, transaction_msgs = transaction.run()
        msgs = msgs + transaction_msgs
    if masquerade is not None:
-        expected_state = 'enabled' if (desired_state == 'enabled') == masquerade else 'disabled'
+        # Type of masquerade will be changed to boolean in a future release.
        masquerade_status = True
        try:
            masquerade_status = boolean(masquerade, True)
        except TypeError:
            module.warn('The value of the masquerade option is "%s". '
                        'The type of the option will be changed from string to boolean in a future release. '
                        'To avoid unexpected behavior, please change the value to boolean.' % masquerade)
        expected_state = 'enabled' if (desired_state == 'enabled') == masquerade_status else 'disabled'
        transaction = MasqueradeTransaction(
            module,
            action_args=(),
--- a/plugins/modules/mount.py
+++ b/plugins/modules/mount.py
@ -43,11 +43,6 @@ options:
    description:
      - Mount options (see fstab(5), or vfstab(4) on Solaris).
    type: str
  opts_no_log:
    description:
      - Do not log opts.
    type: bool
    default: false
  dump:
    description:
      - Dump (see fstab(5)).
@ -214,7 +209,6 @@ EXAMPLES = r'''
    src: //192.168.1.200/share
    path: /mnt/smb_share
    opts: "rw,vers=3,file_mode=0600,dir_mode=0700,dom={{ ad_domain }},username={{ ad_username }},password={{ ad_password }}"
    opts_no_log: true
    fstype: cifs
    state: ephemeral
 '''
@ -303,7 +297,7 @@ def _set_mount_save_old(module, args):
            continue
-        fields = line.split('#')[0].split()
+        fields = line.split()
        # Check if we got a valid line for splitting
        # (on Linux the 5th and the 6th field is optional)
@ -774,7 +768,6 @@ def main():
            fstype=dict(type='str'),
            path=dict(type='path', required=True, aliases=['name']),
            opts=dict(type='str'),
            opts_no_log=dict(type='bool', default=False),
            passno=dict(type='str', no_log=False, default='0'),
            src=dict(type='path'),
            backup=dict(type='bool', default=False),
@ -788,9 +781,6 @@ def main():
        ),
    )
    if module.params['opts_no_log']:
        module.no_log_values.add(module.params['opts'])
    # solaris args:
    #   name, src, fstype, opts, boot, passno, state, fstab=/etc/vfstab
    # linux args:
@ -850,8 +840,11 @@ def main():
            args['warnings'].append("Ignore the 'boot' due to 'opts' contains 'noauto'.")
        elif not module.params['boot']:
            args['boot'] = 'no'
-            opts.append('noauto')
+            if 'defaults' in opts:
-            args['opts'] = ','.join(opts)
+                args['warnings'].append("Ignore the 'boot' due to 'opts' contains 'defaults'.")
            else:
                opts.append('noauto')
                args['opts'] = ','.join(opts)
    # If fstab file does not exist, we first need to create it. This mainly
    # happens when fstab option is passed to the module.
--- a/plugins/modules/sysctl.py
+++ b/plugins/modules/sysctl.py
@ -80,13 +80,6 @@ EXAMPLES = r'''
    sysctl_file: /tmp/test_sysctl.conf
    reload: false
 # Enable resource limits management in FreeBSD
 - ansible.posix.sysctl:
    name: kern.racct.enable
    value: '1'
    sysctl_file: /boot/loader.conf
    reload: false
 # Set ip forwarding on in /proc and verify token value with the sysctl command
 - ansible.posix.sysctl:
    name: net.ipv4.ip_forward
--- a/tests/integration/targets/authorized_key/defaults/main.yml
+++ b/tests/integration/targets/authorized_key/defaults/main.yml
@ -35,5 +35,3 @@ multiple_keys_comments: |
  ssh-rsa DATA_BASIC 1@testing
  # I like adding comments yo-dude-this-is-not-a-key INVALID_DATA 2@testing
  ecdsa-sha2-nistp521 ECDSA_DATA 4@testing
 key_path: /tmp/id_rsa.pub
--- a/tests/integration/targets/authorized_key/tasks/check_path.yml
+++ b/tests/integration/targets/authorized_key/tasks/check_path.yml
@ -1,32 +0,0 @@
 ---
 - name: Create key file for test
  ansible.builtin.copy:
    dest: "{{ key_path }}"
    content: "{{ rsa_key_basic }}"
    mode: "0600"
 - name: Add key using path
  ansible.posix.authorized_key:
    user: root
    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
 - name: Assert that the key was added
  ansible.builtin.assert:
    that:
      - result.changed == true
 - name: Add key using path again
  ansible.posix.authorized_key:
    user: root
    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
 - name: Assert that no changes were applied
  ansible.builtin.assert:
    that:
      - result.changed == false
--- a/tests/integration/targets/authorized_key/tasks/main.yml
+++ b/tests/integration/targets/authorized_key/tasks/main.yml
@ -31,6 +31,3 @@
 - name: Test for the management of comments with key
  ansible.builtin.import_tasks: comments.yml
 - name: Test for specifying key as a path
  ansible.builtin.import_tasks: check_path.yml
--- a/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/icmp_block_inversion_test_cases.yml
@ -114,3 +114,60 @@
      ansible.builtin.assert:
        that:
          - result is not changed
 # Validate backwards compatible behavior until icmp block inversion is switched from string to boolean type
 - name: Icmp block inversion enabled when icmp block inversion is non-boolean string and state is enabled
  block:
    - name: Testing enable icmp block inversion
      ansible.posix.firewalld:
        zone: trusted
        icmp_block_inversion: some string
        permanent: true
        state: enabled
      register: result
    - name: Assert icmp block inversion is enabled
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Testing enable icmp block inversion (verify not changed)
      ansible.posix.firewalld:
        zone: trusted
        icmp_block_inversion: some string
        permanent: true
        state: enabled
      register: result
    - name: Assert icmp block inversion is enabled (verify not changed)
      ansible.builtin.assert:
        that:
          - result is not changed
 - name: Icmp block inversion disabled when icmp block inversion is non-boolean string and state is disabled
  block:
    - name: Testing disable icmp block inversion
      ansible.posix.firewalld:
        zone: trusted
        icmp_block_inversion: some string
        permanent: true
        state: disabled
      register: result
    - name: Assert icmp block inversion is disabled
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Testing disable icmp block inversion (verify not changed)
      ansible.posix.firewalld:
        zone: trusted
        icmp_block_inversion: some string
        permanent: true
        state: disabled
      register: result
    - name: Assert icmp block inversion is disabled (verify not changed)
      ansible.builtin.assert:
        that:
          - result is not changed
--- a/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml
@ -114,3 +114,60 @@
      ansible.builtin.assert:
        that:
          - result is not changed
 # Validate backwards compatible behavior until masquerade is switched from string to boolean type
 - name: Masquerade enabled when masquerade is non-boolean string and state is enabled
  block:
    - name: Testing enable masquerade
      ansible.posix.firewalld:
        zone: trusted
        masquerade: some string
        permanent: true
        state: enabled
      register: result
    - name: Assert masquerade is enabled
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Testing enable masquerade (verify not changed)
      ansible.posix.firewalld:
        zone: trusted
        masquerade: some string
        permanent: true
        state: enabled
      register: result
    - name: Assert masquerade is enabled (verify not changed)
      ansible.builtin.assert:
        that:
          - result is not changed
 - name: Masquerade disabled when masquerade is non-boolean string and state is disabled
  block:
    - name: Testing disable masquerade
      ansible.posix.firewalld:
        zone: trusted
        masquerade: some string
        permanent: true
        state: disabled
      register: result
    - name: Assert masquerade is disabled
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Testing disable masquerade (verify not changed)
      ansible.posix.firewalld:
        zone: trusted
        masquerade: some string
        permanent: true
        state: disabled
      register: result
    - name: Assert masquerade is disabled (verify not changed)
      ansible.builtin.assert:
        that:
          - result is not changed
--- a/tests/integration/targets/firewalld/tasks/source_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/source_test_cases.yml
@ -83,6 +83,5 @@
  ansible.builtin.assert:
    that:
      - result is not changed
-      - >
+      - "result.msg ==
-        result.msg == 'parameters are mutually exclusive:
+        'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target'"
        icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|forward|masquerade|source|target'
--- a/tests/integration/targets/firewalld/tasks/zone_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/zone_test_cases.yml
@ -23,55 +23,6 @@
    that:
      - result is not changed
 - name: Zone forwarding test
  when: (ansible_distribution == 'RedHat' and ansible_distribution_major_version is version('8', '>='))
  block:
    - name: Enable zone forwarding
      ansible.posix.firewalld:
        zone: custom
        forward: true
        permanent: true
        state: enabled
      register: result
    - name: Assert zone forwarding is enabled
      ansible.builtin.debug:
        var: result is changed
    - name: Enable zone forwarding (verify not changed)
      ansible.posix.firewalld:
        zone: custom
        forward: true
        permanent: true
        state: enabled
      register: result
    - name: Assert zone forwarding is enabled (verify not changed)
      ansible.builtin.debug:
        var: result is not changed
    - name: Disable zone forwarding
      ansible.posix.firewalld:
        zone: custom
        forward: false
        permanent: true
        state: enabled
    - name: Assert zone forwarding is disabled
      ansible.builtin.debug:
        var: result is changed
    - name: Disable zone forwarding (verify not changed)
      ansible.posix.firewalld:
        zone: custom
        forward: false
        permanent: true
        state: enabled
    - name: Assert zone forwarding is disabled (verify not changed)
      ansible.builtin.debug:
        var: result is not changed
 - name: Firewalld remove zone custom
  ansible.posix.firewalld:
    zone: custom
--- a/tests/integration/targets/mount/tasks/main.yml
+++ b/tests/integration/targets/mount/tasks/main.yml
@ -1,4 +1,3 @@
 # SETUP ################################################################################
 - name: Install dependencies (Linux)
  ansible.builtin.package:
    name: e2fsprogs
@ -111,42 +110,6 @@
    mode: '0644'
  register: orig_info
 # BIND MOUNT ################################################################################
 # bind mount check mode
 - name: Bind mount a filesystem (Linux) (check mode)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
    name: '{{ output_dir }}/mount_dest'
    state: mounted
    fstype: None
    opts: bind
  when: ansible_system == 'Linux'
  register: bind_result_linux_dry_run
  check_mode: true
 - name: Bind mount a filesystem (FreeBSD) (check mode)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
    name: '{{ output_dir }}/mount_dest'
    state: mounted
    fstype: nullfs
  when: ansible_system == 'FreeBSD'
  register: bind_result_freebsd_dry_run
  check_mode: true
 - name: Attempt to stat bind mounted file
  ansible.builtin.stat:
    path: '{{ output_dir }}/mount_dest/test_file'
  when: ansible_system in ('FreeBSD', 'Linux')
  register: dest_stat
 - name: Assert the bind mount did not take place
  ansible.builtin.assert:
    that:
      - not dest_stat['stat']['exists']
  when: ansible_system in ('FreeBSD', 'Linux')
 # bind mount
 - name: Bind mount a filesystem (Linux)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
@ -205,48 +168,6 @@
      - (ansible_system == 'Linux' and not bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and not bind_result_freebsd['changed'])
  when: ansible_system in ('FreeBSD', 'Linux')
 # remount check mode
 - name: Remount filesystem with different opts (Linux) (check mode)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
    name: '{{ output_dir }}/mount_dest'
    state: mounted
    fstype: None
    opts: bind,ro
  when: ansible_system == 'Linux'
  register: bind_result_linux
  check_mode: true
 - name: Remount filesystem with different opts (FreeBSD) (check mode)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
    name: '{{ output_dir }}/mount_dest'
    state: mounted
    fstype: nullfs
    opts: ro
  when: ansible_system == 'FreeBSD'
  register: bind_result_freebsd
  check_mode: true
 - name: Get mount options
  ansible.builtin.shell:
    cmd: set -o pipefail && mount | grep mount_dest | grep -c -E -w '(ro|read-only)'
    executable: "{{ shell_executable }}"
  changed_when: false
  failed_when: false
  register: new_options_count
 - name: Make sure the filesystem does not have the new opts
  ansible.builtin.assert:
    that:
      - linux_and_changed or freebsd_and_changed
      - new_options_count.stdout | int == 0
  vars:
    linux_and_changed: "{{ ansible_system == 'Linux' and bind_result_linux_dry_run['changed'] }}"
    freebsd_and_changed: "{{ ansible_system == 'FreeBSD' and bind_result_freebsd['changed'] }}"
  when: ansible_system in ('FreeBSD', 'Linux')
 # remount
 - name: Remount filesystem with different opts (Linux)
  ansible.posix.mount:
    src: '{{ output_dir }}/mount_source'
@ -282,29 +203,6 @@
      - 1 == remount_options.stdout_lines | length
  when: ansible_system in ('FreeBSD', 'Linux')
 # unmount check mode
 - name: Unmount the bind mount (check mode)
  ansible.posix.mount:
    name: '{{ output_dir }}/mount_dest'
    state: absent
  when: ansible_system in ('Linux', 'FreeBSD')
  register: unmount_result
  check_mode: true
 - name: Make sure the file still exists in dest
  ansible.builtin.stat:
    path: '{{ output_dir }}/mount_dest/test_file'
  when: ansible_system in ('FreeBSD', 'Linux')
  register: dest_stat
 - name: Check that we did not unmount
  ansible.builtin.assert:
    that:
      - unmount_result['changed']
      - dest_stat['stat']['exists']
  when: ansible_system in ('FreeBSD', 'Linux')
 # unmount
 - name: Unmount the bind mount
  ansible.posix.mount:
    name: '{{ output_dir }}/mount_dest'
@ -325,36 +223,9 @@
      - not dest_stat['stat']['exists']
  when: ansible_system in ('FreeBSD', 'Linux')
-# SWAP #############################################################
+- name: Block to test remounted option
 - name: Swap
  when: ansible_system in ('Linux')
  block:
    # mount swap check mode
    - name: Stat /etc/fstab
      ansible.builtin.stat:
        path: /etc/fstab
      register: stat_fstab_before
    - name: Create fstab record for the first swap file (check mode)
      ansible.posix.mount:
        name: none
        src: /tmp/swap1
        opts: sw
        fstype: swap
        state: present
      check_mode: true
    - name: Stat /etc/fstab
      ansible.builtin.stat:
        path: /etc/fstab
      register: stat_fstab_after
    - name: Assert that fstab checksum did not change
      ansible.builtin.assert:
        that:
          - stat_fstab_before.stat.checksum == stat_fstab_after.stat.checksum
    # mount swap1
    - name: Create fstab record for the first swap file
      ansible.posix.mount:
        name: none
@ -379,7 +250,6 @@
          - swap1_created['changed']
          - not swap1_created_again['changed']
    # mount swap2
    - name: Create fstab record for the second swap file
      ansible.posix.mount:
        name: none
@ -404,30 +274,6 @@
          - swap2_created['changed']
          - not swap2_created_again['changed']
    # remove swap check mode
    - name: Stat /etc/fstab
      ansible.builtin.stat:
        path: /etc/fstab
      register: stat_fstab_before
    - name: Remove the fstab record for the first swap file (check mode)
      ansible.posix.mount:
        name: none
        src: /tmp/swap1
        state: absent
      check_mode: true
    - name: Stat /etc/fstab
      ansible.builtin.stat:
        path: /etc/fstab
      register: stat_fstab_after
    - name: Assert that fstab checksum did not change
      ansible.builtin.assert:
        that:
          - stat_fstab_before.stat.checksum == stat_fstab_after.stat.checksum
    # remove swap1
    - name: Remove the fstab record for the first swap file
      ansible.posix.mount:
        name: none
@ -448,7 +294,6 @@
          - swap1_removed['changed']
          - not swap1_removed_again['changed']
    # remove swap2
    - name: Remove the fstab record for the second swap file
      ansible.posix.mount:
        name: none
@ -469,10 +314,6 @@
          - swap2_removed['changed']
          - not swap2_removed_again['changed']
 # FIXUP #############################################################
 - name: Fix incomplete entry already present in fstab
  when: ansible_system == 'Linux'
  block:
    - name: Create fstab record with missing last two fields
      ansible.builtin.copy:
        dest: /etc/fstab
@ -502,11 +343,6 @@
          - ''' 0 0'' in optional_fields_content.stdout'
          - 1 == optional_fields_content.stdout_lines | length
 # REMOUNTED #############################################################
 - name: Block to test remounted option
  when: ansible_system in ('Linux')
  block:
    # setup
    - name: Create empty file
      community.general.filesize:
        path: /tmp/myfs.img
@ -536,26 +372,6 @@
      ansible.builtin.pause:
        seconds: 2
    # remount check mode
    - name: Remount (check mode)
      ansible.posix.mount:
        path: /tmp/myfs
        state: remounted
    - name: Get again the last write time
      ansible.builtin.shell:
        cmd: >-
          set -o pipefail && dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i "last write time:" |cut -d: -f2-
        executable: "{{ shell_executable }}"
      changed_when: false
      register: last_write_time_check
    - name: Fail if they are different
      ansible.builtin.fail:
        msg: Filesytem was remounted, testing of the module failed!
      when: last_write_time.stdout != last_write_time_check.stdout
    # remount
    - name: Test if the FS is remounted
      ansible.posix.mount:
        path: /tmp/myfs
@ -574,29 +390,6 @@
        msg: Filesytem was not remounted, testing of the module failed!
      when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout
    # remount different options check mode
    - name: Remount filesystem with different opts using remounted option (Linux only)
      ansible.posix.mount:
        path: /tmp/myfs
        state: remounted
        opts: rw,noexec
      check_mode: true
    - name: Get remounted options (Linux only)
      ansible.builtin.shell:
        cmd: set -o pipefail && mount | grep myfs | grep -E -w 'noexec' | wc -l
        executable: "{{ shell_executable }}"
      failed_when: false
      changed_when: false
      register: remounted_options
    - name: Make sure the filesystem now has the new opts after using remounted (Linux only)
      ansible.builtin.assert:
        that:
          - "'0' in remounted_options.stdout"
          - "1 == remounted_options.stdout_lines | length"
    # remount different options
    - name: Remount filesystem with different opts using remounted option (Linux only)
      ansible.posix.mount:
        path: /tmp/myfs
@ -616,7 +409,6 @@
          - "'1' in remounted_options.stdout"
          - "1 == remounted_options.stdout_lines | length"
    # backup
    - name: Mount the FS again to test backup
      ansible.posix.mount:
        path: /tmp/myfs
@ -647,11 +439,9 @@
        - /tmp/myfs.img
        - /tmp/myfs
 # BOOT #############################################################
 - name: Block to test boot option for Linux
  when: ansible_system in ('Linux')
  block:
    # setup
    - name: Create empty file
      community.general.filesize:
        path: /tmp/myfs.img
@ -662,7 +452,6 @@
        fstype: ext3
        dev: /tmp/myfs.img
    # noauto
    - name: Mount the FS with noauto option
      ansible.posix.mount:
        path: /tmp/myfs
@ -683,26 +472,6 @@
        path: /tmp/myfs
        state: absent
    # noauto + defaults
    - name: Mount the FS with noauto option and defaults
      ansible.posix.mount:
        path: /tmp/myfs
        src: /tmp/myfs.img
        fstype: ext3
        state: mounted
        boot: false
      register: mount_info
    - name: Assert the mount without noauto was successful
      ansible.builtin.assert:
        that:
          - "'noauto' in mount_info['opts'].split(',')"
    - name: Unmount FS
      ansible.posix.mount:
        path: /tmp/myfs
        state: absent
    - name: Remove the test FS
      ansible.builtin.file:
        path: '{{ item }}'
@ -711,7 +480,6 @@
        - /tmp/myfs.img
        - /tmp/myfs
 # NEWLINE END OF FILE ############################################
 - name: Block to test missing newline at the EOF of fstab
  when: ansible_system in ('Linux')
  block:
@ -750,7 +518,6 @@
        - /tmp/myfs1
        - /tmp/test_fstab
 # EPHEMERAL ################################################
 - name: Block to test ephemeral option
  environment:
    PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
@ -766,7 +533,8 @@
        path: /tmp/myfs_B.img
        size: 20M
-    ##### FORMAT FS ON LINUX
+  ##### FORMAT FS ON LINUX
    - name: Block to format FS on Linux
      when: ansible_system == 'Linux'
      block:
@ -780,7 +548,8 @@
            fstype: ext3
            dev: /tmp/myfs_B.img
-    ##### FORMAT FS ON SOLARIS AND BSD
+  ##### FORMAT FS ON SOLARIS AND BSD
    - name: Create loop devices on Solaris and BSD
      ansible.builtin.shell:
        cmd: "set -o pipefail && {{ ephemeral_create_loop_dev_cmd }}"
@ -795,49 +564,14 @@
      changed_when: true
      when: ephemeral_format_fs_cmd is defined
  ##### TESTS
    - name: Create fstab if it does not exist
      ansible.builtin.file:
        path: "{{ ephemeral_fstab }}"
        state: touch
        mode: '0644'
    # normal ephemeral mount check mode
    - name: Get checksum of /etc/fstab before mounting anything
      ansible.builtin.stat:
        path: '{{ ephemeral_fstab }}'
      register: fstab_stat_before_mount
    - name: Mount the FS A with ephemeral state (check mode)
      ansible.posix.mount:
        path: /tmp/myfs
        src: '{{ ephemeral_device_a }}'
        fstype: '{{ ephemeral_fstype }}'
        opts: rw
        state: ephemeral
      register: ephemeral_mount_info
      check_mode: true
    - name: Get checksum of /etc/fstab after an ephemeral mount
      ansible.builtin.stat:
        path: '{{ ephemeral_fstab }}'
      register: fstab_stat_after_mount
    - name: Get mountinfo
      ansible.builtin.shell:
        cmd: grep -c '/tmp/myfs' <(mount -v)
        executable: "{{ shell_executable }}"
      register: check_mountinfo
      failed_when: false
      changed_when: false
    - name: Assert the mount occurred and the fstab is unchanged
      ansible.builtin.assert:
        that:
          - check_mountinfo.stdout|int == 0
          - ephemeral_mount_info['changed']
          - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum']
    # normal ephemeral mount
    - name: Get checksum of /etc/fstab before mounting anything
      ansible.builtin.stat:
        path: '{{ ephemeral_fstab }}'
@ -878,48 +612,6 @@
          - ephemeral_mount_info['changed']
          - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum']
    # remount different options check mode
    - name: Get first mount record
      ansible.builtin.shell:
        cmd: grep '/tmp/myfs' <(mount -v)
        executable: "{{ shell_executable }}"
      register: ephemeral_mount_record_1
      changed_when: false
    - name: Try to mount FS A where FS A is already mounted (should trigger remount and changed)
      ansible.posix.mount:
        path: /tmp/myfs
        src: '{{ ephemeral_device_a }}'
        fstype: '{{ ephemeral_fstype }}'
        opts: ro
        state: ephemeral
      register: ephemeral_mount_info
      check_mode: true
    - name: Get second mount record (should be different than the first)
      ansible.builtin.shell:
        cmd: grep '/tmp/myfs' <(mount -v)
        executable: "{{ shell_executable }}"
      register: ephemeral_mount_record_2
      changed_when: false
    - name: Get mountinfo
      ansible.builtin.shell:
        cmd: grep -c '/tmp/myfs' <(mount -v)
        executable: "{{ shell_executable }}"
      failed_when: false
      register: check_mountinfo
      changed_when: false
    - name: Assert the FS A is still mounted, the options unchanged and the fstab unchanged
      ansible.builtin.assert:
        that:
          - check_mountinfo.stdout|int == 1
          - ephemeral_mount_record_1.stdout == ephemeral_mount_record_2.stdout
          - ephemeral_mount_info['changed']
          - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum']
    # remount different options
    - name: Get first mount record
      ansible.builtin.shell:
        cmd: grep '/tmp/myfs' <(mount -v)
@ -959,7 +651,6 @@
          - ephemeral_mount_info['changed']
          - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_mount['stat']['checksum']
    # conflicting mount
    - name: Try to mount file B on file A mountpoint (should fail)
      ansible.posix.mount:
        path: /tmp/myfs
@ -997,39 +688,6 @@
          - test_file_stat['stat']['exists']
          - ephemeral_mount_b_info is failed
    # unmount check mode
    - name: Unmount FS with state = unmounted
      ansible.posix.mount:
        path: /tmp/myfs
        state: unmounted
      check_mode: true
    - name: Get fstab checksum after unmounting an ephemeral mount with state = unmounted
      ansible.builtin.stat:
        path: '{{ ephemeral_fstab }}'
      register: fstab_stat_after_unmount
    - name: Get mountinfo
      ansible.builtin.shell:
        cmd: grep -c '/tmp/myfs' <(mount -v)
        executable: "{{ shell_executable }}"
      register: check_mountinfo
      failed_when: false
      changed_when: false
    - name: Try to stat our test file
      ansible.builtin.stat:
        path: /tmp/myfs/test_file
      register: test_file_stat
    - name: Assert that unmount did not take place and fstab unchanged
      ansible.builtin.assert:
        that:
          - check_mountinfo.stdout|int == 1
          - test_file_stat['stat']['exists']
          - fstab_stat_before_mount['stat']['checksum'] == fstab_stat_after_unmount['stat']['checksum']
    # unmount
    - name: Unmount FS with state = unmounted
      ansible.posix.mount:
        path: /tmp/myfs
@ -1081,54 +739,3 @@
        - /tmp/myfs_A.img
        - /tmp/myfs_B.img
        - /tmp/myfs
 # OPTS_NO_LOG ######################################
 - name: Block to test opts_no_log option
  when: ansible_system == 'Linux'
  block:
    - name: Create an empty file
      community.general.filesize:
        path: /tmp/myfs.img
        size: 1M
    - name: Format FS
      community.general.filesystem:
        fstype: ext4
        dev: /tmp/myfs.img
    - name: Mount the FS with opts_no_log option true
      ansible.posix.mount:
        path: /tmp/myfs
        src: /tmp/myfs.img
        fstype: ext4
        state: mounted
        opts: rw
        opts_no_log: true
      register: mount_info
    - name: Assert opts_no_log option true
      ansible.builtin.assert:
        that:
          - mount_info.opts == 'VALUE_SPECIFIED_IN_NO_LOG_PARAMETER'
    - name: Remount the FS with opts_no_log option false
      ansible.posix.mount:
        path: /tmp/myfs
        src: /tmp/myfs.img
        fstype: ext4
        state: remounted
        opts: rw,user
        opts_no_log: false
      register: mount_info
    - name: Assert opts_no_log option false
      ansible.builtin.assert:
        that:
          - mount_info.opts == 'rw,user'
  always:
    - name: Unmount FS
      ansible.posix.mount:
        path: /tmp/myfs
        state: absent
    - name: Remove the test FS
      ansible.builtin.file:
        path: '{{ item }}'
        state: absent
      loop:
        - /tmp/myfs.img
        - /tmp/myfs
--- a/tests/integration/targets/seboolean/tasks/main.yml
+++ b/tests/integration/targets/seboolean/tasks/main.yml
@ -20,4 +20,5 @@
  ansible.builtin.include_tasks: seboolean.yml
  when:
    - ansible_selinux is defined
    - ansible_selinux
    - ansible_selinux.status == 'enabled'
--- a/tests/integration/targets/selinux/tasks/main.yml
+++ b/tests/integration/targets/selinux/tasks/main.yml
@ -19,21 +19,23 @@
 - name: Debug message for when SELinux is disabled
  ansible.builtin.debug:
    msg: SELinux is disabled
-  when: ansible_selinux is defined and ansible_selinux.status == 'disabled'
+  when: ansible_selinux is defined and not ansible_selinux
 - name: Debug message for when SELinux is enabled and not disabled
  ansible.builtin.debug:
    msg: SELinux is {{ ansible_selinux.status }}
-  when: ansible_selinux is defined
+  when: ansible_selinux is defined and ansible_selinux
 - name: Include_tasks for when SELinux is enabled
  ansible.builtin.include_tasks: selinux.yml
  when:
    - ansible_selinux is defined
    - ansible_selinux
    - ansible_selinux.status == 'enabled'
 - name: Include tasks for selogin when SELinux is enabled
  ansible.builtin.include_tasks: selogin.yml
  when:
    - ansible_selinux is defined
    - ansible_selinux
    - ansible_selinux.status == 'enabled'
--- a/tests/integration/targets/selinux/tasks/selinux.yml
+++ b/tests/integration/targets/selinux/tasks/selinux.yml
@ -128,8 +128,8 @@
  ansible.builtin.assert:
    that:
      - selinux_config_original | length == selinux_config_after | length
-      - (selinux_config_after | select("search", "^SELINUX=disabled\s*$") | list | length) > 0
+      - selinux_config_after[selinux_config_after.index('SELINUX=disabled')]  is search("^SELINUX=\w+$")
-      - (selinux_config_after | select("search", "^SELINUXTYPE=targeted\s*$") | list | length) > 0
+      - selinux_config_after[selinux_config_after.index('SELINUXTYPE=targeted')]  is search("^SELINUXTYPE=\w+$")
 - name: TEST 1 | Disable SELinux again, with kernel arguments update
  ansible.posix.selinux:
--- a/tests/sanity/ignore-2.19.txt
+++ b/tests/sanity/ignore-2.19.txt
@ -1 +0,0 @@
 tests/utils/shippable/timing.py shebang
--- a/tests/utils/shippable/shippable.sh
+++ b/tests/utils/shippable/shippable.sh
@ -62,15 +62,15 @@ else
    retry pip install "https://github.com/ansible/ansible/archive/stable-${ansible_version}.tar.gz" --disable-pip-version-check
 fi
-export ANSIBLE_COLLECTIONS_PATH="${PWD}/../../../"
+export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../"
 # START: HACK install dependencies
 if [ "${ansible_version}" == "2.9" ] || [ "${ansible_version}" == "2.10" ]; then
    # Note: Since community.general 5.x, Ansible Core versions prior to 2.11 are not supported.
    # So we need to use 4.8.1 for Ansible 2.9 and Ansible Engine 2.10.
-    retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general"
+    retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general"
 else
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general"
+    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general"
 fi
 # Note:  we're installing with git to work around Galaxy being a huge PITA (https://github.com/ansible/galaxy/issues/2429)
 # END: HACK
Author	SHA1	Message	Date
Abhijeet Kasurde	b12095af90	Add changelog fragment Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>	2024-07-17 15:58:15 -07:00
Mohammed Naser	baea26a137	synchronize: use _find_needle instead	2024-07-17 15:57:04 -07:00
		`@ -0,0 +1,2 @@`
							`trivial:`
							- synchronize - instantiate the connection plugin without the ``new_stdin`` argument, which is deprecated in ansible-core 2.15 (https://github.com/ansible-collections/ansible.posix/pull/421).
		`@ -0,0 +1,2 @@`
							`trivial:`
							`- "Fix integration tests so they work with ansible-core devel / 2.16 (https://github.com/ansible-collections/ansible.posix/pull/466)."`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							`- firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							`- firewalld_info - Only warn about ignored zones, when there are zones ignored.`
		`@ -1,2 +0,0 @@`
			`trivial:`
			`- Bump version to 3.0.0 for the next release (https://github.com/ansible-collections/ansible.posix/issues/603).`
		`@ -1,2 +0,0 @@`
			`trivial:`
			`- Remove ubuntu20.04 from CI tests (https://github.com/ansible-collections/ansible.posix/issues/612).`
		`@ -0,0 +1,2 @@`
							`major_changes:`
							`- "Dropping support for Ansible 2.9, ansible-core 2.14 will be minimum required version for this release"`
		`@ -0,0 +1,2 @@`
							`trivial:`
							`- "Move Galaxy test requirements from old transitional format in tests/requirements.yml to standard Ansible Galaxy requirements files in tests/integration/requirements.yml and tests/unit/requirements.yml."`