gitea/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-03-26 21:33:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: gitea:1.1.0
Branches Tags
gitea:main gitea:stable-2 gitea:stable-1
gitea:2.1.0 gitea:2.0.0 gitea:1.6.2 gitea:1.6.1 gitea:1.6.0 gitea:1.5.4 gitea:1.5.2 gitea:1.5.1 gitea:1.5.0 gitea:1.4.0 gitea:1.3.0 gitea:1.2.0 gitea:1.1.1 gitea:1.1.0 gitea:1.0.0 gitea:0.1.3 gitea:0.1.2 gitea:0.1.1
..
compare: gitea:1.3.0
Branches Tags
gitea:main gitea:stable-2 gitea:stable-1
gitea:2.1.0 gitea:2.0.0 gitea:1.6.2 gitea:1.6.1 gitea:1.6.0 gitea:1.5.4 gitea:1.5.2 gitea:1.5.1 gitea:1.5.0 gitea:1.4.0 gitea:1.3.0 gitea:1.2.0 gitea:1.1.1 gitea:1.1.0 gitea:1.0.0 gitea:0.1.3 gitea:0.1.2 gitea:0.1.1

169 Commits
1.1.0 ... 1.3.0

Author SHA1 Message Date
ansible-zuul[bot]
ab9eaf24bc Merge pull request #245 from saito-hideki/release_1.3.0 
Release 1.3.0 commit

SUMMARY
New release 1.3.0
ISSUE TYPE

Feature Pull Request

COMPONENT NAME

ansible.posix

ADDITIONAL INFORMATION
None

Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
 2021-08-11 09:19:31 +00:00
Hideki Saito
fad1d3a870 Release 1.3.0 commit 
Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-08-11 15:51:13 +09:00
ansible-zuul[bot]
c21fb99f54 Merge pull request #244 from Akasurde/trivial 
fix changelog entry

SUMMARY
Changed from bugfixes to trivial
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
changelogs/fragments/firewalld_integ_test.yml

Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: None <None>
 2021-08-11 05:57:26 +00:00
Abhijeet Kasurde
a65807edc3 synchronize: Use SSH args from SSH connection plugins (#223) 
SSH configuration migrated from Ansible configuration to
SSH connection configuration. Make ``synchronize`` understand
this.

Fixes: #222

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-08-11 10:45:52 +05:30
Abhijeet Kasurde
dad5379461 fix changelog entry 
Changed from `bugfixes` to `trivial`

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-08-10 17:58:27 +05:30
ansible-zuul[bot]
bd594970a8 Merge pull request #243 from Akasurde/test 
Fix integration test fedora 34 with firewalld

SUMMARY
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
plugins/modules/firewalld.py

Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: None <None>
 2021-08-10 12:22:33 +00:00
Abhijeet Kasurde
c244abd82f Fix integration test fedora 34 with firewalld 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-08-10 15:17:24 +05:30
ansible-zuul[bot]
42d2b9c65a Merge pull request #233 from piotrtrojanowski-dev/patch-2 
Fix requires firewalld version in comments for permanent parameter.

SUMMARY
Version of firewalled seems to be wrong. 3.0.9 version of that package does not exist.
The latest release of firewalled: https://github.com/firewalld/firewalld/releases
ISSUE TYPE

Docs Pull Request

COMPONENT NAME
ansible.posix.firewalld

Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: None <None>
 2021-08-10 06:42:37 +00:00
ansible-zuul[bot]
7a62e01af6 Merge pull request #241 from xlab-steampunk/shell-quoting 
Properly quote Synchronize

SUMMARY
The synchronize action plugin and module were a bit sloppy when it came to the command-line parameter quoting and that caused failure on some systems (for example, on Fedora 34).
This commit makes sure any arguments with potentially problematic characters are quoted before being used.
Fixes #242
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
synchronize

Reviewed-by: Sergey <None>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
 2021-08-09 13:08:23 +00:00
ansible-zuul[bot]
18614bb82d Merge pull request #237 from saito-hideki/issue/236 
Update AZP config

SUMMARY

Fixes ansible-collections/overview#45
Fixes #236

DESCRIPTION
The following changes are for the devel version test sections:

 Remove: fedora32
 Remove: freebsd/11.4
 Remove: rhel/8.3
 Add: fedora34
 Add: freebsd/13.0
 Add: rhel/8.4

ISSUE TYPE

Test Pull Request

COMPONENT NAME
CI

Reviewed-by: Andrew Klychkov <aaklychkov@mail.ru>
Reviewed-by: None <None>
 2021-08-09 09:32:37 +00:00
Hideki Saito
944f5416c9 Added changelog fragment file to PR #233 
Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-08-07 13:28:08 +09:00
ansible-zuul[bot]
ce3d0fdfa4 Merge pull request #226 from mandar242/fix-integration-test-sysctl 
Fix: sysctl integration test - virtualization type

SUMMARY

sysctl integration tests inside docker are being skipped as the check ansible_facts.virtualization_type == 'docker' fails.
On Debugging, ansible_facts.virtualization_type is being returned as "container".

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

sysctl
ADDITIONAL INFORMATION


Ansible Version

ansible [core 2.11.2]

Docker Version

Docker version 20.10.7, build f0df350

OS

Fedora 34

Actual Results
PLAY RECAP *********************************************************************
testhost                   : ok=1    changed=0    unreachable=0    failed=0    skipped=44   rescued=0    ignored=0   

Likely this code is related: https://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/facts/virtual/linux.py#L113

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: None <None>
 2021-08-05 05:38:35 +00:00
mandar242
244c9b2066 sysctl: Fix integration test virtualization type 2021-08-04 21:52:50 +05:30
ansible-zuul[bot]
f85f2904c9 Merge pull request #238 from saito-hideki/pr/update_readme_with_versions 
Update README.md with ansible versions and release notes

SUMMARY
Update README.md with ansible versions and release notes:

Update ansible-core versions in the Tested with ansible section.
Change the Release notes section to use CHANGELOG.rst link.

ISSUE TYPE

Docs Pull Request

COMPONENT NAME

ansible.posix

ADDITIONAL INFORMATION
None

Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
 2021-08-04 12:49:26 +00:00
Tadej Borovšak
db12a40a4c Synchronize: properly quote shell command components 
The synchronize action plugin and module were a bit sloppy when it
came to the command-line parameter quoting and that caused failuer on
some systems (for example, on Fedora 34).

This commit makes sure any argumnts with potentially problematic
characters are quoted before being used.
 2021-08-04 13:37:18 +02:00
ansible-zuul[bot]
5282ece77e Merge pull request #230 from sshnaidm/podmanfix2 
Complete adding podman connection to synchronize

SUMMARY


ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

synchronize
ADDITIONAL INFORMATION





Continue of #229
For fixing ansible-community/molecule-podman#45

Reviewed-by: Sorin Sbarnea <sorin.sbarnea@gmail.com>
Reviewed-by: Tadej Borovšak <None>
Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Sergey <None>
Reviewed-by: None <None>
 2021-08-04 11:32:28 +00:00
Sagi Shnaidman
133ffe51fb Complete adding podman connection to synchronize 2021-08-03 15:44:00 +03:00
ansible-zuul[bot]
b3e395a4a3 Merge pull request #239 from Akasurde/firewalld_test 
Enable firewalld tests

SUMMARY
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
tests/integration/targets/firewalld/aliases
tests/integration/targets/setup_pkg_mgr/tasks/main.yml

Reviewed-by: Adam Miller <maxamillion@fedoraproject.org>
Reviewed-by: None <None>
 2021-08-02 22:36:00 +00:00
Abhijeet Kasurde
424004c4c0 Enable firewalld tests 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-08-02 20:26:42 +05:30
Hideki Saito
dd2782d81c Update README.md with ansible versions and release notes 
* Update ansible-core versions in the Tested with ansible section.
* Change the Release notes section to use CHANGELOG.rst link.

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-08-02 08:33:12 +09:00
Hideki Saito
f7f5f89899 Update AZP config 
* Fixes ansible-collections/overview#45
* Fixes #236

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-07-30 23:37:15 +09:00
piotrtrojanowski-dev
2b7a35c346 Fix requires firewalld version in comments for permanent parameter. 2021-07-27 09:37:58 +02:00
ansible-zuul[bot]
1ebacfb195 Merge pull request #229 from sshnaidm/podman 
Allow podman connections in synchronize module

SUMMARY


ISSUE TYPE


Feature Pull Request
For fixing issues with molecule: ansible-community/molecule-podman#45

COMPONENT NAME

synchronize
ADDITIONAL INFORMATION


Add podman connections as it's done with buildah and docker.

Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Sergey <None>
Reviewed-by: Sumit Jaiswal <sjaiswal@redhat.com>
Reviewed-by: Hideki Saito <saito@fgrep.org>
 2021-07-24 04:58:24 +00:00
Sergey
ab5c1d9911 Update changelogs/fragments/229_add_podman_connection_plugin_to_synchronize.yml 
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-07-23 14:56:34 +03:00
Sagi Shnaidman
4be66cfb34 Add changelog fragment 2021-07-23 14:44:26 +03:00
Sagi Shnaidman
c5d49b2a91 Allow podman connections in synchronize module 2021-07-23 14:29:02 +03:00
ansible-zuul[bot]
a03e652437 Merge pull request #214 from saito-hideki/pr/add_firewalld_info 
Add new firewalld_info module to ansible.posix collection

SUMMARY
Add new firewalld_info module to ansible.posix collection.

Gathering information about firewalld zone settings
fixes #98

ISSUE TYPE

Feature Pull Request

COMPONENT NAME

ansible.posix.firewalld_info

ADDITIONAL INFORMATION
None

Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Hideki Saito <saito@fgrep.org>
 2021-07-21 05:19:13 +00:00
ansible-zuul[bot]
e815909859 Merge pull request #215 from quasd/main 
fix REJECT target name

SUMMARY
Fix setting default target to reject. The target name is %%REJECT%% not REJECT.
https://firewalld.org/documentation/zone/options.html
After this pull request to way to set REJECT would be
  - name: "Set target to REJECT for public"
    ansible.posix.firewalld:
      zone: public
      permanent: yes
      target: '%%REJECT%%'
      state: enabled
    become: true


ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME
firewalld
ADDITIONAL INFORMATION



This snippet would fail due to there not being target called REJECT and using %%REJECT%% is not in allowed values for target
  - name: "Set target to REJECT for public"
    ansible.posix.firewalld:
      zone: public
      permanent: yes
      target: 'REJECT'
      state: enabled
    become: true

Ansible error
{
    "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_TARGET: REJECT Permanent operation",
    "invocation": {
        "module_args": {
            "zone": "public",
            "permanent": true,
            "target": "REJECT",
            "state": "enabled",
            "immediate": false,
            "timeout": 0,
            "icmp_block": null,
            "icmp_block_inversion": null,
            "service": null,
            "port": null,
            "port_forward": null,
            "rich_rule": null,
            "source": null,
            "interface": null,
            "masquerade": null,
            "offline": null
        }
    },
    "_ansible_no_log": false,
    "changed": false
}

syslog
Jun 29 09:49:39 <hostname retracted> ansible-ansible.posix.firewalld[9015]: Invoked with zone=public permanent=True state=enabled target=REJECT immediate=False timeout=0 icmp_[1850/7279] icmp_block_inversion=None service=None port=None port_forward=None rich_rule=None source=None interface=None masquerade=None offline=None                                                                 
Jun 29 09:49:39 <hostname retracted>  firewalld[915]: ERROR: INVALID_TARGET: REJECT

Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: None <None>
Reviewed-by: Amin Vakil <info@aminvakil.com>
Reviewed-by: quidame <None>
Reviewed-by: Hideki Saito <saito@fgrep.org>
 2021-07-14 17:05:30 +00:00
ansible-zuul[bot]
f2601b01da Merge pull request #213 from ndgit/fix-24-and-190 
synchronize: quotes around arguments

fix quoting for specific cmd arguments
Fixes:

#24
#190

ISSUE TYPE:

Bugfix Pull Request

COMPONENT NAME:
module: synchronize

Reviewed-by: Abhijeet Kasurde <None>
Reviewed-by: Robert Rettig <None>
Reviewed-by: Hideki Saito <saito@fgrep.org>
Reviewed-by: Mike Graves <mgraves@redhat.com>
 2021-07-14 15:20:20 +00:00
Hideki Saito
27434455e5 Add new firewalld_info module to ansible.posix collection 
* fixes #98

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-07-09 23:47:12 +09:00
Robert Rettig
25cfc56f6f enable integration tests 
ansible-collections/ansible.posix/pull/213#issuecomment-876480707
 2021-07-09 02:28:39 +02:00
ansible-zuul[bot]
f6fa00bfff Merge pull request #187 from smemsh/fix-synchronize-become-user 
synchronize: fix to honor become_user when become_method sudo

SUMMARY

When become_method is sudo, the synchronize module ignores become_user, always running as root.  This means one cannot create files as a target user, when they need to get in via a third user and can only sudo via that one.  In my case, I'm connecting via a special provisioning user that has sudo privs, but I need to create the files as the become_user.  I'm using it to deposit skeleton files, and there should be no reason to run another task with chown; after all, the documentation already describes the desired behavior:

The user and permissions for the synchronize dest are those of the remote_user on the destination host or the become_user if become=yes is active.

This patch takes the running become_user (if it's not None) and adds it to the sudo command with the -u command line option, so the file gets created correctly.  I have tested this and it works.
Other become_methods are ignored, but they already were anyways (the code already has a TODO to add other methods, which we don't attempt in this patch)
Fixes #186

ISSUE TYPE


Bugfix Pull Request

COMPONENT NAME

synchronize
ADDITIONAL INFORMATION


See reproduction in #186.
This appears to have been in place since ansible/ansible@811a906

Reviewed-by: Amin Vakil <info@aminvakil.com>
Reviewed-by: Sumit Jaiswal <sjaiswal@redhat.com>
 2021-07-08 14:16:12 +00:00
ansible-zuul[bot]
68263bfc29 Merge pull request #217 from saito-hideki/pr/restructure_test_for_authorized_key 
Restructure integration tests for authorized_key module

SUMMARY
Split the large tasks/main.yml in integration tests to each function block and use import_tasks to import for them.
ISSUE TYPE

Feature Pull Request

COMPONENT NAME

tests/integration/targets/authorized_key/

ADDITIONAL INFORMATION

None
 2021-07-08 12:27:01 +00:00
ansible-zuul[bot]
e23ea12cc5 Merge pull request #216 from mandar242/issues/126/mount-return-backup-file 
Fix: Resolve merge conflict - mount return backup_file(#128)

SUMMARY

Resolves Merge conflict in #128 which Fixes #126

ISSUE TYPE


Feature Pull Request

COMPONENT NAME

mount
ADDITIONAL INFORMATION




Conflicting files in #128 
tests/integration/targets/mount/tasks/main.yml

Reviewed-by: Mike Graves <mgraves@redhat.com>
 2021-07-06 13:28:22 +00:00
Hideki Saito
69d17ed4b7 Restructure integration tests for authorized_key module 
* Split tasks/main.yml in integration tests to each function block.

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-07-02 16:27:02 +09:00
Mandar Kulkarni
ed573a8223 Clean up main.yml 2021-07-01 10:12:33 -07:00
Mandar Kulkarni
dd7d29495d Clean, use blocks in main.yml 2021-07-01 09:27:04 -07:00
Abhijeet Kasurde
c596feab78 Review comments 
Co-authored-by: quidame <quidame@poivron.org>
 2021-07-01 10:36:33 +05:30
Mandar Kulkarni
606e3cfe07 Update main.yml 2021-06-30 16:52:16 -07:00
Mandar Kulkarni
23fadc9f02 Update main.yml 2021-06-30 16:25:01 -07:00
Mandar Kulkarni
6d51660be4 Update main.yml 2021-06-30 15:57:39 -07:00
Mandar Kulkarni
957a7420ca Update main.yml 2021-06-30 15:26:33 -07:00
Mandar Kulkarni
b740bdaf3a Merge https://github.com/ansible-collections/ansible.posix into issues/126/mount-return-backup-file 2021-06-30 04:11:28 -04:00
quasd
049292669b fix yaml syntax for reject choices 2021-06-29 13:33:35 +03:00
quasd
310c68e6dd add tests for REJECT target 2021-06-29 11:37:20 +03:00
quasd
fcb2a466e0 add fragment 2021-06-29 11:31:04 +03:00
Erkki Hurme
757b544cf3 fix REJECT target name 2021-06-29 10:38:47 +03:00
Robert Rettig
9f384c00a3 add changelog fragment 2021-06-24 23:58:28 +02:00
Robert Rettig
0118bf0cb9 fixes #24 and #190 2021-06-24 23:37:48 +02:00
ansible-zuul[bot]
a994a58b23 Merge pull request #203 from saito-hideki/issue/28_bsd 
Modify boot option handling on BSD systems

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-16 11:30:20 +00:00
ansible-zuul[bot]
23afcce8b8 Merge pull request #207 from Andersson007/mount_tests 
mount integration tests: make them more human readable

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-11 15:16:12 +00:00
ansible-zuul[bot]
e2a316122a Merge pull request #199 from Akasurde/i179 
firewalld: Ensure idempotency

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-11 11:35:12 +00:00
Andrew Klychkov
1671173e99 Add changelog fragment 2021-06-11 11:40:55 +02:00
Andrew Klychkov
0b597f2e66 mount integration tests: make them more human readable 2021-06-11 11:15:28 +02:00
ansible-zuul[bot]
e068522325 Merge pull request #205 from Akasurde/i204 
csh: Define ``ECHO`` and ``COMMAND_SEP``

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-09 17:28:12 +00:00
Abhijeet Kasurde
51d117285f csh: Define `ECHO and COMMAND_SEP` 
Fixes: #204

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-09 17:46:09 +05:30
Hideki Saito
c29bbd265b Modify boot option handling on BSD systems 
* Fixes #28 for BSD systems
* Porting PR #196 to BSD systems

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-06-08 20:44:42 +09:00
ansible-zuul[bot]
7417d857f1 Merge pull request #202 from Akasurde/i124 
acl: Add new alias

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-07 07:57:33 +00:00
ansible-zuul[bot]
ceddb849b8 Merge pull request #201 from Akasurde/i175 
synchronize: fix misc typo

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-04 15:49:36 +00:00
ansible-zuul[bot]
f5666924ab Merge pull request #200 from Akasurde/i193 
firewalld: Specify unit for timeout

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-04 13:36:59 +00:00
Abhijeet Kasurde
7bed8ce79e review requests 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-04 18:39:50 +05:30
Abhijeet Kasurde
7d928e6e9d synchronize: fix misc typo 
Docs should read ``--delete-after`` instead of ``--delete-excluded``.

Fixes: #175

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-04 18:38:01 +05:30
Abhijeet Kasurde
07fe3a91b6 firewalld: Ensure idempotency 
Use APIs like ``query*`` instead of ``get*``.

Fixes: #179

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-04 16:55:19 +05:30
Abhijeet Kasurde
5cebc90623 firewalld: Specify unit for timeout 
Timeout parameter takes value which is specified in seconds.

Fixes: #193

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-04 16:53:37 +05:30
Abhijeet Kasurde
6ba8445fb1 acl: Add new alias 
Added new alias ``recurse`` for parameter ``recursive``.

Fixes: #124

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-04 16:51:15 +05:30
ansible-zuul[bot]
9d4ae8b7e4 Merge pull request #196 from saito-hideki/issue/28 
Modify boot option handling on Linux systems

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-04 06:23:07 +00:00
Adam Miller
41e5b8428f mount return backup_file 
Fixes https://github.com/ansible-collections/ansible.posix/issues/126

Signed-off-by: Adam Miller <admiller@redhat.com>
 2021-06-04 10:52:38 +05:30
ansible-zuul[bot]
1793cd70c4 Merge pull request #172 from saito-hideki/issue/169 
Append line-separator to the end of command line

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-03 12:02:30 +00:00
ansible-zuul[bot]
b98c7926da Merge pull request #198 from Akasurde/regession 
synchronize: correct typo

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-06-03 11:01:49 +00:00
Abhijeet Kasurde
5d0c5ae3a6 synchronize: correct typo 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-06-02 12:58:56 +05:30
Hideki Saito
cfff8a3806 Modify boot option handling on Linux systems 
* Address the issue #28
* Modified behavior to set noauto option if boot is 'no' on Linux system
* Modified integration test to use filesize module instead of dd

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-06-01 14:21:01 +09:00
ansible-zuul[bot]
7e6adc977f Merge pull request #167 from aminvakil/rsync_hardcoded_options 
synchronize: add delay_updates option

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-05-31 12:44:36 +00:00
Amin Vakil
54ea8777f8 add version_added to new option 
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-05-27 19:31:40 +04:30
ansible-zuul[bot]
5d0c8e40d8 Merge pull request #185 from saito-hideki/issue/184 
[mount] Fix boot option handling on Solaris correctly

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-05-27 08:20:32 +00:00
ansible-zuul[bot]
eaf3d666cc Merge pull request #189 from Akasurde/i134 
authorized_key: Add support for additional key types

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-05-27 06:24:03 +00:00
Abhijeet Kasurde
c985096af5 authorized_key: Add support for additional key types 
Fixes: #134

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-05-25 10:06:01 +05:30
ansible-zuul[bot]
92c6037900 Merge pull request #159 from quidame/fix/ansible_ssh_user 
Fix ansible_ssh_user

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-05-24 15:22:50 +00:00
Hideki Saito
0bef7bb164 Fix boot option handling on Solaris correctly 
* Fixes #184

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-05-13 15:12:50 +09:00
Scott Mcdermott
6e60b0d454 Add changelog fragment for synchronize become_user fix 2021-05-12 14:04:19 -07:00
Scott Mcdermott
0e6f8ab976 Modify synchronize tests for '-u root' arg when become_user not supplied 2021-05-12 01:00:23 -07:00
Scott Mcdermott
6b41ce1a9d Fix to honor become_user in synchronize module (Fixes #186) 2021-05-12 01:00:17 -07:00
quidame
052a2f6d94 Update changelogs/fragments/159-fix-60-deprecated-ansible_ssh_user.yml 
Co-authored-by: Amin Vakil <info@aminvakil.com>
 2021-05-09 02:01:20 +02:00
Hideki Saito
13e77fd7da Append line-separator to the end of command line 
* Addresses issue #169 (https://github.com/ansible-collections/ansible.posix/issues/169)

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-05-05 09:35:39 +09:00
ansible-zuul[bot]
1f15216d0d Merge pull request #181 from Andersson007/uc 
Update codecov.sh URL

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-04-30 08:21:38 +00:00
Andrew Klychkov
9173166223 Add fragment 2021-04-30 08:05:00 +02:00
Andrew Klychkov
da82df4004 Update codecov.sh URL 2021-04-30 07:54:51 +02:00
Amin Vakil
9313bf3e68 Reorder if to address quidame suggestion 2021-04-26 10:58:27 +04:30
ansible-zuul[bot]
8ae6651cff Merge pull request #168 from Andersson007/add_211 
Add 2.11 branch to test matrix, add ignore-2.12.txt

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-04-16 06:03:04 +00:00
Andrew Klychkov
86b32d8730 Add 2.11 branch to test matrix, add ignore-2.12.txt 2021-04-14 07:46:03 +02:00
ansible-zuul[bot]
707523a763 Merge pull request #173 from saito-hideki/pr/add_sanity_test_ignore_file 
Add ignore file for sanity test on devel version 2.12

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-04-12 16:48:03 +00:00
Hideki Saito
8b1b4df54f Add ignore file for sanity test for 2.12 
* Add ignore file to cover sanity test for the current devel version 2.12

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2021-04-12 23:01:30 +09:00
Amin Vakil
fc9fce718d Add changelog 2021-04-03 16:24:53 +04:30
Amin Vakil
7511421440 Add delay_updates option to synchronize module 2021-04-03 16:22:10 +04:30
quidame
d976add5da replace no more supported 'ansible_ssh_*' option names by the new ones 
* Replace 'ansible_ssh_user' by 'ansible_user' everywhere.
* Replace 'ansible_ssh_port' by 'ansible_port' everywhere.
* Replace 'ansible_ssh_host' by 'ansible_host' everywhere.
 2021-03-28 13:50:49 +02:00
ansible-zuul[bot]
ecd5ad53e0 Merge pull request #158 from Ompragash/update_azure_pipeline_test_container 
Updated Azure Pipeline Test Container Image URL to use v1.9.0

Reviewed-by: Andrew Klychkov <aklychko@redhat.com>
             https://github.com/Andersson007
 2021-03-26 07:23:39 +00:00
Ompragash Viswanathan
f6f436f227 Updated Azure Pipeline Test Container Image URL to use v1.9.0 2021-03-26 11:32:35 +05:30
ansible-zuul[bot]
355a99f779 Merge pull request #156 from quidame/fix/no-log-needed_false_positive 
add no_log=False to clear false-positives

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-24 07:34:24 +00:00
quidame
c8b58875d9 add no_log=False to clear false-positives 
Related modules: authorized_key, mount.
 2021-03-19 09:07:14 +01:00
ansible-zuul[bot]
bd8a3f35c2 Merge pull request #153 from Andersson007/release_branch 
Release 1.2.0 commit

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-08 15:07:36 +00:00
Andrew Klychkov
edec4d767d Release 1.2.0 commit 2021-03-08 13:45:10 +01:00
ansible-zuul[bot]
0a56fb0e46 Merge pull request #150 from Andersson007/add_missed_changelog_fragments 
Add missed changelog fragments

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-08 10:56:18 +00:00
Andrew Klychkov
f3b6b5e690 fix a fragment 2021-03-08 10:54:51 +01:00
Andrew Klychkov
d65a36e9ea Add missed changelog fragments 2021-03-08 10:02:48 +01:00
ansible-zuul[bot]
252b531c20 Merge pull request #120 from pneerincx/bugfix_for_24365 
Bugfix for #24365: "Added option to allow SSH connection multiplexing"

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-05 18:30:48 +00:00
ansible-zuul[bot]
bc88258687 Merge pull request #118 from pneerincx/bugfix_for_17492 
Bugfix for #17492 "Do not prepend PWD when path is in form user@server:path or server:path" 

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-05 18:26:53 +00:00
ansible-zuul[bot]
1747370f30 Merge pull request #144 from xlab-steampunk/teach-synchronize-about-community-docker 
Inform synchronize module about community.docker collection

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-05 17:49:45 +00:00
ansible-zuul[bot]
72353d3f04 Merge pull request #143 from mperry2/acldocs 
Update documentation for ACL permissions

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-05 16:48:50 +00:00
John R Barker
1822789d95 Merge branch 'main' into acldocs 2021-03-05 15:47:30 +00:00
John R Barker
ccbb679fc3 Formatting 2021-03-05 15:46:19 +00:00
Tadej Borovšak
98c86c54cd Inform synchronize module about community.docker collection 
The synchronize action plugin has a built-in list of connection
plugins that it knows how to handle.

One of those connection plugins is the docker connection plugin. And
because the docker content has been moved around quite a lot, the
docker connection plugin has quite a few names:

 - docker in Ansible 2.9,
 - community.general.docker for community.general < 2.0.0, and
 - community.docker.docker since a few months ago.

And while the synchronize module already knew about the first two
names, the last one was still missing. This commit fixes that omission
and adds a third name into the mix.
 2021-03-05 16:42:43 +01:00
ansible-zuul[bot]
354239d6c9 Merge pull request #147 from Andersson007/update_distr_azp 
Update azure-pipelines.yml and README.md

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-05 15:40:04 +00:00
Andrew Klychkov
4825036c7e Update AZP aggregate-coverage.sh and report-coverage.sh 2021-03-05 14:25:22 +01:00
Andrew Klychkov
360d0c3441 Update azure-pipelines.yml and README.md 2021-03-05 13:53:38 +01:00
ansible-zuul[bot]
d8fb68514c Merge pull request #138 from Akasurde/sanity_fix 
Fix sanity test for modules

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-02 16:27:55 +00:00
ansible-zuul[bot]
d8c6add988 Merge pull request #140 from Akasurde/posix_ci_fix 
Update OS as per guidelines

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-02 15:07:09 +00:00
Abhijeet Kasurde
ea8fc70373 Fix sanity test for modules 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-03-02 18:53:06 +05:30
ansible-zuul[bot]
20f70caa1f Merge pull request #141 from Andersson007/update_default_container_ver 
azure-pipelines: update default container version

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-02 13:03:37 +00:00
Abhijeet Kasurde
04f976d7d3 Update OS as per guidelines 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2021-03-02 17:43:15 +05:30
ansible-zuul[bot]
b6a2dee8bb Merge pull request #145 from Andersson007/remove_sanity_requirements_txt 
Remove tests/sanity/requirements.txt

Reviewed-by: https://github.com/apps/ansible-zuul
 2021-03-02 12:11:34 +00:00
Andrew Klychkov
5b66052067 remove upper bound (2.11) from meta/runtime.yml 2021-03-02 11:55:38 +01:00
Andrew Klychkov
2655a6ffc1 remove changelogs/fragments/.empty 2021-03-02 11:47:07 +01:00
Andrew Klychkov
bbba9beb70 Add tests/sanity/ignore-2.11.txt 2021-03-02 11:20:44 +01:00
Andrew Klychkov
a8594c5477 Remove tests/sanity/requirements.txt 2021-03-01 16:47:09 +01:00
Matt Perry
3043f737a0 Update ACL documentation 
Update ACL documentation to describe support for the `X` permission for the `setfacl` command.
 2021-02-25 11:40:32 -08:00
Andrew Klychkov
080ae28e7d azure-pipelines: update default container version 2021-02-18 19:21:52 +03:00
John R Barker
e1dad76ccb AZP: Ensure collection dir is writable (#139) 2021-02-15 09:57:03 +00:00
ansible-zuul[bot]
bc0fb3096b Merge pull request #129 from evan-a-a/main 
firewalld: Add support for firewalld port forwarding

Reviewed-by: Adam Miller <admiller@redhat.com>
             https://github.com/maxamillion
 2021-01-18 20:06:36 +00:00
Evan Anderson
1e7d82af6d firewalld: Add support for firewalld port forwarding 
Fixes: ansible-collections/ansible.posix#100
 2021-01-16 19:05:44 -06:00
ansible-zuul[bot]
41d49e4e08 Merge pull request #123 from gundalow/azp-coverage 
AZP: Install ansible-test for coverage

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-12-11 16:11:34 +00:00
John Barker
6241e09ccd AZP: Install ansible-test for coverage 2020-12-11 15:33:50 +00:00
ansible-zuul[bot]
679fe78f32 Merge pull request #122 from gundalow/azp-readme-badge 
AZP Badge for README.md

Reviewed-by: shipabull
             https://github.com/shipabull
 2020-12-11 15:05:42 +00:00
John Barker
b8c5d6b1b7 AZP Badge for README.md 2020-12-11 14:30:52 +00:00
pneerincx
665f84d996 Removed trailing whitespace to satisfy PEP8 rule W291. 2020-12-11 15:16:03 +01:00
ansible-zuul[bot]
c359200e80 Merge pull request #121 from gundalow/azp-initial 
Initial Azure Pipeline config

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-12-11 14:10:43 +00:00
John Barker
793b039691 Initial Azure Pipeline config 2020-12-11 13:29:10 +00:00
ansible-zuul[bot]
ef36fdc17d Merge pull request #119 from Fale/synchronize 
fix indentation in doc

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-12-11 05:27:22 +00:00
Fabio Alessandro Locati
bcb08106d9 fix indentation in doc 2020-12-10 21:40:09 +01:00
pneerincx
cbf54f214c Added option to allow SSH connection multiplixing as opposed to hard-coded disabling it. Fixes bug #24365. 2020-12-10 20:52:34 +01:00
pneerincx
931326fb70 Bugfix for #17492. 2020-12-09 18:19:32 +01:00
ansible-zuul[bot]
6343dbdcff Merge pull request #113 from St0rmingBr4in/main 
firewalld: bring back zone target set

Reviewed-by: Adam Miller <admiller@redhat.com>
             https://github.com/maxamillion
 2020-12-01 18:27:47 +00:00
Adam Miller
34a12eb3f9 firewalld: add zone target set (#526) 
* firewalld: add zone target set

Fixes https://github.com/ansible/ansible/issues/49232

Signed-off-by: Adam Miller <admiller@redhat.com>

* fix sanity tests, add example of zone target setting

Signed-off-by: Adam Miller <admiller@redhat.com>

* test different zone/target combination as we're not hitting default settings

Signed-off-by: Adam Miller <admiller@redhat.com>

* fix enabled values for zone operations

Signed-off-by: Adam Miller <admiller@redhat.com>

* Apply suggestions from code review

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
 2020-11-16 12:14:10 +01:00
ansible-zuul[bot]
402e0b1f76 Merge pull request #103 from maxamillion/changelogs/add-changelog-fragment-for-pr101 
add changelog fragment for PR#101

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-10-26 14:46:29 +00:00
Adam Miller
1268d4aa0a add changelog fragment for PR#101 
Signed-off-by: Adam Miller <admiller@redhat.com>
 2020-10-23 15:08:26 -05:00
ansible-zuul[bot]
5988748999 Merge pull request #101 from schurzi/main 
do not persist sysctl when value is invalid

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-10-21 22:30:30 +00:00
Martin Schurz
5935dce47f do not persist sysctl when value is invalid 
the order of actions for setting, persisting and activation is changed,
to not persist an invalid sysctl value. This is only enforced when
sysct_set is True.
 2020-10-02 23:03:14 +02:00
ansible-zuul[bot]
77df4ba3fd Merge pull request #99 from dberg1/main 
at: add support for AIX

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-09-25 16:13:04 +00:00
dberg1
1e84bce91a at: add support for AIX 
AIX uses -lv options to cat a job (instead of -c for Linux).
AIX uses -r to remove a job.
Linux supports both -r and -d, so use -r since it is what POSIX says.
 2020-09-25 08:59:34 +02:00
ansible-zuul[bot]
d1fff45191 Merge pull request #82 from bmv126/synchronize_private_key_issue 
Fix for private_key overriding in synchronize module

Reviewed-by: Adam Miller <admiller@redhat.com>
             https://github.com/maxamillion
 2020-09-18 05:24:11 +00:00
ansible-zuul[bot]
0eeaf61a1a Merge pull request #97 from rystraum/patch-1 
Updated description of `use_ssh_args` option for synchronize.py

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-09-18 03:14:37 +00:00
Rystraum Gamonez
c96be65ec9 Updated description of use_ssh_args option 
This option has interactions with `ansible_ssh_common_args` as indicated in this issue thread: https://github.com/ansible/ansible/issues/16767
 2020-09-12 12:41:09 +08:00
vishwas
4b0b50439d Fix for private_key overriding in synchronize module 2020-09-04 04:16:43 -04:00
ansible-zuul[bot]
0177b87cbc Merge pull request #92 from jillr/prep_1_1_1_release 
Prepare 1.1.1 release

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-09-02 21:59:08 +00:00
jillr
079ba357d4 Refresh changelog 2020-09-02 20:56:39 +00:00
jillr
e5e36d3c7b Prepare 1.1.1 release 
Run add_docs.py
Run antsibull-changelog; backfill for prior releases
Bump release in galaxy.yml
Add .keep to changelogs/fragments so directory is not deleted if
`keep_fragments` is ever set to False.
 2020-09-02 20:55:04 +00:00
ansible-zuul[bot]
f68cec59e7 Merge pull request #88 from maxamillion/deprecation/update_skippy 
fix skippy callback deprecation warning

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-09-02 20:52:37 +00:00
ansible-zuul[bot]
402ec20076 Merge pull request #93 from jillr/sanity_fixes 
Fix sanity test failures

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-09-02 20:14:17 +00:00
jillr
2dfa6e28a1 Fix sanity test failures 
Remove no longer necessary ignore
Fix shippable.sh to use correct ansible_version variable and don't
quote pattern to be matched by =~
 2020-09-02 18:51:05 +00:00
Adam Miller
c390183337 fix skippy callback deprecation warning 
Fixes https://github.com/ansible-collections/ansible.posix/issues/62

Signed-off-by: Adam Miller <admiller@redhat.com>
 2020-08-21 16:24:35 -05:00
ansible-zuul[bot]
06efaeb108 Merge pull request #78 from Akasurde/firewalld_rich_rule 
firewalld: Add a Link for rich rules

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-08-12 13:59:38 +00:00
Abhijeet Kasurde
12e0c72841 firewalld: Add a Link for rich rules 
Add a link for Firewalld Rich Rules for further documentation.

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2020-08-10 11:10:34 +05:30
ansible-zuul[bot]
8d568fb6ea Merge pull request #76 from maxamillion/tests/dont-analyze-29 
don't run coverage analyze on Ansible 2.9

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-07-31 21:24:19 +00:00
ansible-zuul[bot]
210ed7c147 Merge pull request #74 from cchurch/synchronize-docker 
Fix synchronize to work with renamed docker and buildah connection plugins.

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-07-31 20:44:10 +00:00
Adam Miller
dd249846ec don't run coverage analyze on Ansible 2.9 
Fixes #73
https://github.com/ansible-collections/ansible.posix/issues/73

Signed-off-by: Adam Miller <admiller@redhat.com>
 2020-07-31 15:22:39 -05:00
Chris Church
53bb7312e4 Add changelog entry for #74. 2020-07-27 12:41:16 -04:00
Chris Church
32350028b6 Fix synchronize to work with renamed docker (and buildah) connection plugins. 2020-07-27 00:06:52 -04:00
ansible-zuul[bot]
85b43f9059 Merge pull request #71 from maxamillion/release-prep/1.1.1 
fix broken docs links pointing to old primary branch

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-07-21 14:33:01 +00:00
ansible-zuul[bot]
d944df3bde Merge pull request #72 from maxamillion/tests/disable-aix 
disable AIX tests in shippable for now because of intermittent failures from IBM Cloud

Reviewed-by: https://github.com/apps/ansible-zuul
 2020-07-17 18:12:43 +00:00
Adam Miller
be61219931 disable AIX tests in shippable for now because of intermittent failures from IBM Cloud 
Signed-off-by: Adam Miller <admiller@redhat.com>
 2020-07-16 16:08:17 -05:00
Adam Miller
4aba0d1e93 fix broken docs links pointing to old primary branch 
Signed-off-by: Adam Miller <admiller@redhat.com>
 2020-07-16 11:10:08 -05:00
130 changed files with 7152 additions and 2502 deletions
Expand all files Collapse all files

3
.azure-pipelines/README.md Normal file
View File

@@ -0,0 +1,3 @@
## Azure Pipelines Configuration
Please see the [Documentation](https://github.com/ansible/community/wiki/Testing:-Azure-Pipelines) for more information.

239
.azure-pipelines/azure-pipelines.yml Normal file
View File

@@ -0,0 +1,239 @@
trigger:
batch: true
branches:
include:
- main
- stable-*
pr:
autoCancel: true
branches:
include:
- main
- stable-*
schedules:
- cron: 0 9 * * *
displayName: Nightly
always: true
branches:
include:
- main
- stable-*
variables:
- name: checkoutPath
value: ansible_collections/ansible/posix
- name: coverageBranches
value: main
- name: pipelinesCoverage
value: coverage
- name: entryPoint
value: tests/utils/shippable/shippable.sh
- name: fetchDepth
value: 0
resources:
containers:
- container: default
image: quay.io/ansible/azure-pipelines-test-container:1.9.0
pool: Standard
stages:
## Docker
- stage: Docker_devel
displayName: Docker devel
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: CentOS 8
test: centos8
- name: Fedora 33
test: fedora33
- name: Fedora 34
test: fedora34
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 18.04
test: ubuntu1804
- name: Ubuntu 20.04
test: ubuntu2004
- stage: Docker_2_11
displayName: Docker 2.11
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.11/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: CentOS 8
test: centos8
- name: Fedora 32
test: fedora32
- name: Fedora 33
test: fedora33
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 18.04
test: ubuntu1804
- name: Ubuntu 20.04
test: ubuntu2004
- stage: Docker_2_10
displayName: Docker 2.10
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.10/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: CentOS 8
test: centos8
- name: Fedora 30
test: fedora30
- name: Fedora 31
test: fedora31
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 16.04
test: ubuntu1604
- name: Ubuntu 18.04
test: ubuntu1804
- stage: Docker_2_9
displayName: Docker 2.9
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.9/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: CentOS 8
test: centos8
- name: Fedora 30
test: fedora30
- name: Fedora 31
test: fedora31
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 16.04
test: ubuntu1604
- name: Ubuntu 18.04
test: ubuntu1804
## Remote
- stage: Remote_devel
displayName: Remote devel
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/{0}/1
targets:
- name: MacOS 11.1
test: macos/11.1
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.4
test: rhel/8.4
- name: FreeBSD 12.2
test: freebsd/12.2
- name: FreeBSD 13.0
test: freebsd/13.0
- stage: Remote_2_11
displayName: Remote 2.11
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.11/{0}/1
targets:
- name: MacOS 11.1
test: macos/11.1
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.3
test: rhel/8.3
- name: FreeBSD 11.4
test: freebsd/11.4
- name: FreeBSD 12.2
test: freebsd/12.2
- stage: Remote_2_10
displayName: Remote 2.10
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.10/{0}/1
targets:
- name: OS X 10.11
test: osx/10.11
- name: RHEL 7.6
test: rhel/7.6
- name: RHEL 8.2
test: rhel/8.2
- name: FreeBSD 11.1
test: freebsd/11.1
- name: FreeBSD 12.1
test: freebsd/12.1
- stage: Remote_2_9
displayName: Remote 2.9
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.9/{0}/1
targets:
- name: OS X 10.11
test: osx/10.11
- name: RHEL 7.6
test: rhel/7.6
- name: RHEL 8.1
test: rhel/8.1
- name: FreeBSD 11.1
test: freebsd/11.1
- name: FreeBSD 12.0
test: freebsd/12.0
## Finally
- stage: Summary
condition: succeededOrFailed()
dependsOn:
- Remote_2_9
- Docker_2_9
- Remote_2_10
- Remote_2_11
- Docker_2_10
- Docker_2_11
- Remote_devel
- Docker_devel
jobs:
- template: templates/coverage.yml

20
.azure-pipelines/scripts/aggregate-coverage.sh Executable file
View File

@@ -0,0 +1,20 @@
#!/usr/bin/env bash
# Aggregate code coverage results for later processing.
set -o pipefail -eu
agent_temp_directory="$1"
PATH="${PWD}/bin:${PATH}"
mkdir "${agent_temp_directory}/coverage/"
options=(--venv --venv-system-site-packages --color -v)
ansible-test coverage combine --export "${agent_temp_directory}/coverage/" "${options[@]}"
if ansible-test coverage analyze targets generate --help >/dev/null 2>&1; then
# Only analyze coverage if the installed version of ansible-test supports it.
# Doing so allows this script to work unmodified for multiple Ansible versions.
ansible-test coverage analyze targets generate "${agent_temp_directory}/coverage/coverage-analyze-targets.json" "${options[@]}"
fi

60
.azure-pipelines/scripts/combine-coverage.py Executable file
View File

@@ -0,0 +1,60 @@
#!/usr/bin/env python
"""
Combine coverage data from multiple jobs, keeping the data only from the most recent attempt from each job.
Coverage artifacts must be named using the format: "Coverage $(System.JobAttempt) {StableUniqueNameForEachJob}"
The recommended coverage artifact name format is: Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)
Keep in mind that Azure Pipelines does not enforce unique job display names (only names).
It is up to pipeline authors to avoid name collisions when deviating from the recommended format.
"""
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import os
import re
import shutil
import sys
def main():
"""Main program entry point."""
source_directory = sys.argv[1]
if '/ansible_collections/' in os.getcwd():
output_path = "tests/output"
else:
output_path = "test/results"
destination_directory = os.path.join(output_path, 'coverage')
if not os.path.exists(destination_directory):
os.makedirs(destination_directory)
jobs = {}
count = 0
for name in os.listdir(source_directory):
match = re.search('^Coverage (?P<attempt>[0-9]+) (?P<label>.+)$', name)
label = match.group('label')
attempt = int(match.group('attempt'))
jobs[label] = max(attempt, jobs.get(label, 0))
for label, attempt in jobs.items():
name = 'Coverage {attempt} {label}'.format(label=label, attempt=attempt)
source = os.path.join(source_directory, name)
source_files = os.listdir(source)
for source_file in source_files:
source_path = os.path.join(source, source_file)
destination_path = os.path.join(destination_directory, source_file + '.' + label)
print('"%s" -> "%s"' % (source_path, destination_path))
shutil.copyfile(source_path, destination_path)
count += 1
print('Coverage file count: %d' % count)
print('##vso[task.setVariable variable=coverageFileCount]%d' % count)
print('##vso[task.setVariable variable=outputPath]%s' % output_path)
if __name__ == '__main__':
main()

24
.azure-pipelines/scripts/process-results.sh Executable file
View File

@@ -0,0 +1,24 @@
#!/usr/bin/env bash
# Check the test results and set variables for use in later steps.
set -o pipefail -eu
if [[ "$PWD" =~ /ansible_collections/ ]]; then
output_path="tests/output"
else
output_path="test/results"
fi
echo "##vso[task.setVariable variable=outputPath]${output_path}"
if compgen -G "${output_path}"'/junit/*.xml' > /dev/null; then
echo "##vso[task.setVariable variable=haveTestResults]true"
fi
if compgen -G "${output_path}"'/bot/ansible-test-*' > /dev/null; then
echo "##vso[task.setVariable variable=haveBotResults]true"
fi
if compgen -G "${output_path}"'/coverage/*' > /dev/null; then
echo "##vso[task.setVariable variable=haveCoverageData]true"
fi

27
.azure-pipelines/scripts/publish-codecov.sh Executable file
View File

@@ -0,0 +1,27 @@
#!/usr/bin/env bash
# Upload code coverage reports to codecov.io.
# Multiple coverage files from multiple languages are accepted and aggregated after upload.
# Python coverage, as well as PowerShell and Python stubs can all be uploaded.
set -o pipefail -eu
output_path="$1"
curl --silent --show-error https://ansible-ci-files.s3.us-east-1.amazonaws.com/codecov/codecov.sh > codecov.sh
for file in "${output_path}"/reports/coverage*.xml; do
name="${file}"
name="${name##*/}" # remove path
name="${name##coverage=}" # remove 'coverage=' prefix if present
name="${name%.xml}" # remove '.xml' suffix
bash codecov.sh \
-f "${file}" \
-n "${name}" \
-X coveragepy \
-X gcov \
-X fix \
-X search \
-X xcode \
|| echo "Failed to upload code coverage report to codecov.io: ${file}"
done

15
.azure-pipelines/scripts/report-coverage.sh Executable file
View File

@@ -0,0 +1,15 @@
#!/usr/bin/env bash
# Generate code coverage reports for uploading to Azure Pipelines and codecov.io.
set -o pipefail -eu
PATH="${PWD}/bin:${PATH}"
if ! ansible-test --help >/dev/null 2>&1; then
# Install the devel version of ansible-test for generating code coverage reports.
# This is only used by Ansible Collections, which are typically tested against multiple Ansible versions (in separate jobs).
# Since a version of ansible-test is required that can work the output from multiple older releases, the devel version is used.
pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
fi
ansible-test coverage xml --stub --venv --venv-system-site-packages --color -v

34
.azure-pipelines/scripts/run-tests.sh Executable file
View File

@@ -0,0 +1,34 @@
#!/usr/bin/env bash
# Configure the test environment and run the tests.
set -o pipefail -eu
entry_point="$1"
test="$2"
read -r -a coverage_branches <<< "$3" # space separated list of branches to run code coverage on for scheduled builds
export COMMIT_MESSAGE
export COMPLETE
export COVERAGE
export IS_PULL_REQUEST
if [ "${SYSTEM_PULLREQUEST_TARGETBRANCH:-}" ]; then
IS_PULL_REQUEST=true
COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD^2)
else
IS_PULL_REQUEST=
COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD)
fi
COMPLETE=
COVERAGE=
if [ "${BUILD_REASON}" = "Schedule" ]; then
COMPLETE=yes
if printf '%s\n' "${coverage_branches[@]}" | grep -q "^${BUILD_SOURCEBRANCHNAME}$"; then
COVERAGE=yes
fi
fi
"${entry_point}" "${test}" 2>&1 | "$(dirname "$0")/time-command.py"

25
.azure-pipelines/scripts/time-command.py Executable file
View File

@@ -0,0 +1,25 @@
#!/usr/bin/env python
"""Prepends a relative timestamp to each input line from stdin and writes it to stdout."""
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import sys
import time
def main():
"""Main program entry point."""
start = time.time()
sys.stdin.reconfigure(errors='surrogateescape')
sys.stdout.reconfigure(errors='surrogateescape')
for line in sys.stdin:
seconds = time.time() - start
sys.stdout.write('%02d:%02d %s' % (seconds // 60, seconds % 60, line))
sys.stdout.flush()
if __name__ == '__main__':
main()

39
.azure-pipelines/templates/coverage.yml Normal file
View File

@@ -0,0 +1,39 @@
# This template adds a job for processing code coverage data.
# It will upload results to Azure Pipelines and codecov.io.
# Use it from a job stage that completes after all other jobs have completed.
# This can be done by placing it in a separate summary stage that runs after the test stage(s) have completed.
jobs:
- job: Coverage
displayName: Code Coverage
container: default
workspace:
clean: all
steps:
- checkout: self
fetchDepth: $(fetchDepth)
path: $(checkoutPath)
- task: DownloadPipelineArtifact@2
displayName: Download Coverage Data
inputs:
path: coverage/
patterns: "Coverage */*=coverage.combined"
- bash: .azure-pipelines/scripts/combine-coverage.py coverage/
displayName: Combine Coverage Data
- bash: .azure-pipelines/scripts/report-coverage.sh
displayName: Generate Coverage Report
condition: gt(variables.coverageFileCount, 0)
- task: PublishCodeCoverageResults@1
inputs:
codeCoverageTool: Cobertura
# Azure Pipelines only accepts a single coverage data file.
# That means only Python or PowerShell coverage can be uploaded, but not both.
# Set the "pipelinesCoverage" variable to determine which type is uploaded.
# Use "coverage" for Python and "coverage-powershell" for PowerShell.
summaryFileLocation: "$(outputPath)/reports/$(pipelinesCoverage).xml"
displayName: Publish to Azure Pipelines
condition: gt(variables.coverageFileCount, 0)
- bash: .azure-pipelines/scripts/publish-codecov.sh "$(outputPath)"
displayName: Publish to codecov.io
condition: gt(variables.coverageFileCount, 0)
continueOnError: true

55
.azure-pipelines/templates/matrix.yml Normal file
View File

@@ -0,0 +1,55 @@
# This template uses the provided targets and optional groups to generate a matrix which is then passed to the test template.
# If this matrix template does not provide the required functionality, consider using the test template directly instead.
parameters:
# A required list of dictionaries, one per test target.
# Each item in the list must contain a "test" or "name" key.
# Both may be provided. If one is omitted, the other will be used.
- name: targets
type: object
# An optional list of values which will be used to multiply the targets list into a matrix.
# Values can be strings or numbers.
- name: groups
type: object
default: []
# An optional format string used to generate the job name.
# - {0} is the name of an item in the targets list.
- name: nameFormat
type: string
default: "{0}"
# An optional format string used to generate the test name.
# - {0} is the name of an item in the targets list.
- name: testFormat
type: string
default: "{0}"
# An optional format string used to add the group to the job name.
# {0} is the formatted name of an item in the targets list.
# {{1}} is the group -- be sure to include the double "{{" and "}}".
- name: nameGroupFormat
type: string
default: "{0} - {{1}}"
# An optional format string used to add the group to the test name.
# {0} is the formatted test of an item in the targets list.
# {{1}} is the group -- be sure to include the double "{{" and "}}".
- name: testGroupFormat
type: string
default: "{0}/{{1}}"
jobs:
- template: test.yml
parameters:
jobs:
- ${{ if eq(length(parameters.groups), 0) }}:
- ${{ each target in parameters.targets }}:
- name: ${{ format(parameters.nameFormat, coalesce(target.name, target.test)) }}
test: ${{ format(parameters.testFormat, coalesce(target.test, target.name)) }}
- ${{ if not(eq(length(parameters.groups), 0)) }}:
- ${{ each group in parameters.groups }}:
- ${{ each target in parameters.targets }}:
- name: ${{ format(format(parameters.nameGroupFormat, parameters.nameFormat), coalesce(target.name, target.test), group) }}
test: ${{ format(format(parameters.testGroupFormat, parameters.testFormat), coalesce(target.test, target.name), group) }}

45
.azure-pipelines/templates/test.yml Normal file
View File

@@ -0,0 +1,45 @@
# This template uses the provided list of jobs to create test one or more test jobs.
# It can be used directly if needed, or through the matrix template.
parameters:
# A required list of dictionaries, one per test job.
# Each item in the list must contain a "job" and "name" key.
- name: jobs
type: object
jobs:
- ${{ each job in parameters.jobs }}:
- job: test_${{ replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_') }}
displayName: ${{ job.name }}
container: default
workspace:
clean: all
steps:
- checkout: self
fetchDepth: $(fetchDepth)
path: $(checkoutPath)
- bash: .azure-pipelines/scripts/run-tests.sh "$(entryPoint)" "${{ job.test }}" "$(coverageBranches)"
displayName: Run Tests
- bash: .azure-pipelines/scripts/process-results.sh
condition: succeededOrFailed()
displayName: Process Results
- bash: .azure-pipelines/scripts/aggregate-coverage.sh "$(Agent.TempDirectory)"
condition: eq(variables.haveCoverageData, 'true')
displayName: Aggregate Coverage Data
- task: PublishTestResults@2
condition: eq(variables.haveTestResults, 'true')
inputs:
testResultsFiles: "$(outputPath)/junit/*.xml"
displayName: Publish Test Results
- task: PublishPipelineArtifact@1
condition: eq(variables.haveBotResults, 'true')
displayName: Publish Bot Results
inputs:
targetPath: "$(outputPath)/bot/"
artifactName: "Bot $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
- task: PublishPipelineArtifact@1
condition: eq(variables.haveCoverageData, 'true')
displayName: Publish Coverage Data
inputs:
targetPath: "$(Agent.TempDirectory)/coverage/"
artifactName: "Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"

147
CHANGELOG.rst Normal file
View File

@@ -0,0 +1,147 @@
===========================
ansible.posix Release Notes
===========================
.. contents:: Topics
v1.3.0
======
Release Summary
---------------
This is the minor release of the ``ansible.posix`` collection.
This changelog contains all changes to the modules in this collection that
have been added after the release of ``ansible.posix`` 1.2.0.
Minor Changes
-------------
- acl - add new alias ``recurse`` for ``recursive`` parameter (https://github.com/ansible-collections/ansible.posix/issues/124).
- added 2.11 branch to test matrix, added ignore-2.12.txt.
- authorized_key - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156).
- authorized_key - add a list of valid key types (https://github.com/ansible-collections/ansible.posix/issues/134).
- mount - Change behavior of ``boot`` option to set ``noauto`` on BSD nodes (https://github.com/ansible-collections/ansible.posix/issues/28).
- mount - Change behavior of ``boot`` option to set ``noauto`` on Linux nodes (https://github.com/ansible-collections/ansible.posix/issues/28).
- mount - add ``no_log=False`` in ``argument_spec`` to clear false-positives of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156).
- mount - returns ``backup_file`` value when a backup fstab is created.
- synchronize - add ``delay_updates`` option (https://github.com/ansible-collections/ansible.posix/issues/157).
- synchronize - fix typo (https://github.com/ansible-collections/ansible.posix/pull/198).
Bugfixes
--------
- Synchronize module not recognizing remote ssh key (https://github.com/ansible-collections/ansible.posix/issues/24).
- Synchronize not using quotes around arguments like --out-format (https://github.com/ansible-collections/ansible.posix/issues/190).
- at - append line-separator to the end of the ``command`` (https://github.com/ansible-collections/ansible.posix/issues/169).
- csh - define ``ECHO`` and ``COMMAND_SEP`` (https://github.com/ansible-collections/ansible.posix/issues/204).
- firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239).
- firewalld - ensure idempotency with firewalld 0.9.3 (https://github.com/ansible-collections/ansible.posix/issues/179).
- firewalld - fix setting zone target to ``%%REJECT%%`` (https://github.com/ansible-collections/ansible.posix/pull/215).
- mount - Handle ``boot`` option on Solaris correctly (https://github.com/ansible-collections/ansible.posix/issues/184).
- synchronize - add ``community.podman.podman`` to the list of supported connection plugins (https://github.com/ansible-community/molecule-podman/issues/45).
- synchronize - complete podman support for synchronize module.
- synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241).
- synchronize - replace removed ``ansible_ssh_user`` by ``ansible_user`` everywhere; do the same for ``ansible_ssh_port`` and ``ansible_ssh_host`` (https://github.com/ansible-collections/ansible.posix/issues/60).
- synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222).
- synchronize - use become_user when invoking rsync on remote with sudo (https://github.com/ansible-collections/ansible.posix/issues/186).
- sysctl - modifying conditional check for docker to fix tests being skipped (https://github.com/ansible-collections/ansible.posix/pull/226).
v1.2.0
======
Release Summary
---------------
This is the minor release of the ``ansible.posix`` collection.
This changelog contains all changes to the modules in this collection that
have been added after the release of ``ansible.posix`` 1.1.0.
Minor Changes
-------------
- firewalld - bring the ``target`` feature back (https://github.com/ansible-collections/ansible.posix/issues/112).
- fix sanity test for various modules.
- synchronize - add the ``ssh_connection_multiplexing`` option to allow SSH connection multiplexing (https://github.com/ansible/ansible/issues/24365).
Bugfixes
--------
- at - add AIX support (https://github.com/ansible-collections/ansible.posix/pull/99).
- synchronize - add ``community.docker.docker`` to the list of supported transports (https://github.com/ansible-collections/ansible.posix/issues/132).
- synchronize - do not prepend PWD when path is in form user@server:path or server:path (https://github.com/ansible-collections/ansible.posix/pull/118).
- synchronize - fix for private_key overriding in synchronize module.
- sysctl - do not persist sysctl when value is invalid (https://github.com/ansible-collections/ansible.posix/pull/101).
v1.1.1
======
Minor Changes
-------------
- skippy - fixed the deprecation warning (by date) for skippy callback plugin
Bugfixes
--------
- Fix synchronize to work with renamed docker and buildah connection plugins.
v1.1.0
======
Minor Changes
-------------
- firewalld - add firewalld module to ansible.posix collection
v1.0.0
======
Major Changes
-------------
- Bootstrap Collection (https://github.com/ansible-collections/ansible.posix/pull/1).
Minor Changes
-------------
- CI should use devel (https://github.com/ansible-collections/ansible.posix/pull/6).
- Enable tests for at, patch and synchronize modules (https://github.com/ansible-collections/ansible.posix/pull/5).
- Enabled tags in galaxy.yml (https://github.com/ansible-collections/ansible.posix/issues/18).
- Migrate hacking/cgroup_perf_recap_graph.py to this collection, since the cgroup_perf_recap callback lives here.
- Remove license key from galaxy.yml.
- Remove sanity jobs from shippable (https://github.com/ansible-collections/ansible.posix/pull/43).
- Removed ANSIBLE_METADATA from all the modules.
- Revert "Enable at, patch and synchronize tests (https://github.com/ansible-collections/ansible.posix/pull/5)".
- Update EXAMPLES section in modules to use FQCN.
- Update README.md (https://github.com/ansible-collections/ansible.posix/pull/4/).
Bugfixes
--------
- Allow unsetting existing environment vars via environment by specifying a null value (https://github.com/ansible/ansible/pull/68236).
- Mount - Handle remount with new options (https://github.com/ansible/ansible/issues/59460).
- Profile_tasks - result was a odict_items which is not subscriptable, so the slicing was failing (https://github.com/ansible/ansible/issues/59059).
- Revert "mount - Check if src exists before mounted (ansible/ansible#61752)".
- Typecast results before use in profile_tasks callback (https://github.com/ansible/ansible/issues/69563).
- authorized_keys - Added FIDO2 security keys (https://github.com/ansible-collections/ansible.posix/issues/17).
- authorized_keys - fix inconsistent return value for check mode (https://github.com/ansible-collections/ansible.posix/issues/37)
- json callback - Fix host result to task references in the resultant JSON output for non-lockstep strategy plugins such as free (https://github.com/ansible/ansible/issues/65931)
- mount - fix issues with ismount module_util pathing for Ansible 2.9 (fixes https://github.com/ansible-collections/ansible.posix/issues/21)
- patch - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)
- selinux - add missing configuration keys for /etc/selinux/config (https://github.com/ansible-collections/ansible.posix/issues/23)
- synchronize - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)
New Modules
-----------
- acl - Set and retrieve file ACL information.
- at - Schedule the execution of a command or script file via the at command
- authorized_key - Adds or removes an SSH authorized key
- mount - Control active and configured mount points
- patch - Apply patch files using the GNU patch tool
- seboolean - Toggles SELinux booleans
- selinux - Change policy and state of SELinux
- synchronize - A wrapper around rsync to make common tasks in your playbooks quick and easy
- sysctl - Manage entries in sysctl.conf.

40
README.md
View File

@@ -1,15 +1,17 @@
# ansible.posix
<!-- Add CI and code coverage badges here. Samples included below. -->
[![Build Status](
https://dev.azure.com/ansible/ansible.posix/_apis/build/status/CI?branchName=main)](https://dev.azure.com/ansible/ansible.posix/_build?definitionId=26)
[![Run Status](https://api.shippable.com/projects/5e669aaf8b17a60007e4d18d/badge?branch=main)]() <!--[![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/ansible.posix)](https://codecov.io/gh/ansible-collections/ansible.posix)-->
<!-- Describe the collection and why a user would want to use it. What does the collection do? -->
An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems.
## Supported Versions of Ansible
<!--start requires_ansible-->
## Ansible version compatibility
This collection has been tested against following Ansible versions: **>=2.9,<2.11**.
This collection has been tested against following Ansible versions: **>=2.9**.
Plugins and modules within a collection may be tested with only specific Ansible versions.
A collection may contain metadata that identifies these versions.
@@ -22,16 +24,17 @@ PEP440 is the schema used to describe the versions of Ansible.
### Modules
Name | Description
--- | ---
[ansible.posix.acl](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.acl_module.rst)|Set and retrieve file ACL information.
[ansible.posix.at](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.at_module.rst)|Schedule the execution of a command or script file via the at command
[ansible.posix.authorized_key](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.authorized_key_module.rst)|Adds or removes an SSH authorized key
[ansible.posix.firewalld](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.firewalld_module.rst)|Manage arbitrary ports/services with firewalld
[ansible.posix.mount](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.mount_module.rst)|Control active and configured mount points
[ansible.posix.patch](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.patch_module.rst)|Apply patch files using the GNU patch tool
[ansible.posix.seboolean](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.seboolean_module.rst)|Toggles SELinux booleans
[ansible.posix.selinux](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.selinux_module.rst)|Change policy and state of SELinux
[ansible.posix.synchronize](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.synchronize_module.rst)|A wrapper around rsync to make common tasks in your playbooks quick and easy
[ansible.posix.sysctl](https://github.com/ansible-collections/ansible.posix/blob/master/docs/ansible.posix.sysctl_module.rst)|Manage entries in sysctl.conf.
[ansible.posix.acl](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.acl_module.rst)|Set and retrieve file ACL information.
[ansible.posix.at](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.at_module.rst)|Schedule the execution of a command or script file via the at command
[ansible.posix.authorized_key](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.authorized_key_module.rst)|Adds or removes an SSH authorized key
[ansible.posix.firewalld](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.firewalld_module.rst)|Manage arbitrary ports/services with firewalld
[ansible.posix.firewalld_info](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.firewalld_info_module.rst)|Gather information about firewalld
[ansible.posix.mount](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.mount_module.rst)|Control active and configured mount points
[ansible.posix.patch](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.patch_module.rst)|Apply patch files using the GNU patch tool
[ansible.posix.seboolean](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.seboolean_module.rst)|Toggles SELinux booleans
[ansible.posix.selinux](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.selinux_module.rst)|Change policy and state of SELinux
[ansible.posix.synchronize](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.synchronize_module.rst)|A wrapper around rsync to make common tasks in your playbooks quick and easy
[ansible.posix.sysctl](https://github.com/ansible-collections/ansible.posix/blob/main/docs/ansible.posix.sysctl_module.rst)|Manage entries in sysctl.conf.
<!--end collection content-->
@@ -73,9 +76,7 @@ This collection follows the Ansible project's
Please read and familiarize yourself with this document.
## Release notes
* 0.1.1 Initial stable build
* 0.1.0 Internal only build
See [changelog](https://github.com/ansible-collections/ansible.posix/blob/main/CHANGELOG.rst) for more details.
## External requirements
@@ -85,9 +86,10 @@ None
<!-- List the versions of Ansible the collection has been tested with. Must match what is in galaxy.yml. -->
* ansible-base 2.11 (devel)
* ansible-base 2.10 (Beta)
* ansible-base 2.9 (stable)
* ansible-core 2.12 (devel)
* ansible-core 2.11 (stable)
* ansible-base 2.10 (stable)
* ansible 2.9 (stable)
## Roadmap
@@ -106,4 +108,4 @@ None
GNU General Public License v3.0 or later.
See [COPYING](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text.
See [COPYING](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text.

212
changelogs/changelog.yaml Normal file
View File

@@ -0,0 +1,212 @@
ancestor: null
releases:
1.0.0:
changes:
bugfixes:
- Allow unsetting existing environment vars via environment by specifying a
null value (https://github.com/ansible/ansible/pull/68236).
- Mount - Handle remount with new options (https://github.com/ansible/ansible/issues/59460).
- Profile_tasks - result was a odict_items which is not subscriptable, so the
slicing was failing (https://github.com/ansible/ansible/issues/59059).
- Revert "mount - Check if src exists before mounted (ansible/ansible#61752)".
- Typecast results before use in profile_tasks callback (https://github.com/ansible/ansible/issues/69563).
- authorized_keys - Added FIDO2 security keys (https://github.com/ansible-collections/ansible.posix/issues/17).
- authorized_keys - fix inconsistent return value for check mode (https://github.com/ansible-collections/ansible.posix/issues/37)
- json callback - Fix host result to task references in the resultant JSON output
for non-lockstep strategy plugins such as free (https://github.com/ansible/ansible/issues/65931)
- mount - fix issues with ismount module_util pathing for Ansible 2.9 (fixes
https://github.com/ansible-collections/ansible.posix/issues/21)
- patch - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)
- selinux - add missing configuration keys for /etc/selinux/config (https://github.com/ansible-collections/ansible.posix/issues/23)
- synchronize - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)
major_changes:
- Bootstrap Collection (https://github.com/ansible-collections/ansible.posix/pull/1).
minor_changes:
- CI should use devel (https://github.com/ansible-collections/ansible.posix/pull/6).
- Enable tests for at, patch and synchronize modules (https://github.com/ansible-collections/ansible.posix/pull/5).
- Enabled tags in galaxy.yml (https://github.com/ansible-collections/ansible.posix/issues/18).
- Migrate hacking/cgroup_perf_recap_graph.py to this collection, since the cgroup_perf_recap
callback lives here.
- Remove license key from galaxy.yml.
- Remove sanity jobs from shippable (https://github.com/ansible-collections/ansible.posix/pull/43).
- Removed ANSIBLE_METADATA from all the modules.
- Revert "Enable at, patch and synchronize tests (https://github.com/ansible-collections/ansible.posix/pull/5)".
- Update EXAMPLES section in modules to use FQCN.
- Update README.md (https://github.com/ansible-collections/ansible.posix/pull/4/).
fragments:
- 11-action-plugins-use-fqcn.yml
- 12_migrate_cgroup_perf_recap_graph.yml
- 14_mount_option.yml
- 15_profile_tasks.yml
- 17_authorized_keys.yml
- 19_enable_tags.yml
- 21-mount-module_util-routing-issue.yml
- 23-selinux-doesnt-create-missing-config-keys.yml
- 25_ansible_metadata.yml
- 26_profile_tasks_doc.yml
- 27_update_examples.yml
- 33_mount.yml
- 35_disable_tests.yml
- 37-authorized_keys-inconsistent-check-mode-values.yml
- 39_remove_license.yml
- 43_remove_shippable.yml
- 4_update_readme.yml
- 5_enable_tests.yml
- 65931-json-callback-non-lockstep-output.yml
- 6_test_devel.yml
- 7_env.yml
- initial_commit.yaml
modules:
- description: Set and retrieve file ACL information.
name: acl
namespace: ''
- description: Schedule the execution of a command or script file via the at command
name: at
namespace: ''
- description: Adds or removes an SSH authorized key
name: authorized_key
namespace: ''
- description: Control active and configured mount points
name: mount
namespace: ''
- description: Apply patch files using the GNU patch tool
name: patch
namespace: ''
- description: Toggles SELinux booleans
name: seboolean
namespace: ''
- description: Change policy and state of SELinux
name: selinux
namespace: ''
- description: A wrapper around rsync to make common tasks in your playbooks quick
and easy
name: synchronize
namespace: ''
- description: Manage entries in sysctl.conf.
name: sysctl
namespace: ''
release_date: '2020-06-19'
1.1.0:
changes:
minor_changes:
- firewalld - add firewalld module to ansible.posix collection
fragments:
- firewalld_migration.yml
release_date: '2020-07-15'
1.1.1:
changes:
bugfixes:
- Fix synchronize to work with renamed docker and buildah connection plugins.
minor_changes:
- skippy - fixed the deprecation warning (by date) for skippy callback plugin
fragments:
- 74_synchronize_docker.yml
- skippy_deprecation.yml
release_date: '2020-09-02'
1.2.0:
changes:
bugfixes:
- at - add AIX support (https://github.com/ansible-collections/ansible.posix/pull/99).
- synchronize - add ``community.docker.docker`` to the list of supported transports
(https://github.com/ansible-collections/ansible.posix/issues/132).
- synchronize - do not prepend PWD when path is in form user@server:path or
server:path (https://github.com/ansible-collections/ansible.posix/pull/118).
- synchronize - fix for private_key overriding in synchronize module.
- sysctl - do not persist sysctl when value is invalid (https://github.com/ansible-collections/ansible.posix/pull/101).
minor_changes:
- firewalld - bring the ``target`` feature back (https://github.com/ansible-collections/ansible.posix/issues/112).
- fix sanity test for various modules.
- synchronize - add the ``ssh_connection_multiplexing`` option to allow SSH
connection multiplexing (https://github.com/ansible/ansible/issues/24365).
release_summary: 'This is the minor release of the ``ansible.posix`` collection.
This changelog contains all changes to the modules in this collection that
have been added after the release of ``ansible.posix`` 1.1.0.'
fragments:
- 1.2.0.yml
- 101-sysctl-dont-persist-when-invalid.yml
- 118-synchronize_bugfix.yml
- 120-synchronize_add_option.yml
- 144_add_community_docker_connection_plugin_alias.yml
- 82-private-key-override-fix.yml
- 99-at_add_aix_support.yml
- firewalld_zone_target.yml
- misc_fix.yml
release_date: '2021-03-08'
1.3.0:
changes:
bugfixes:
- Synchronize module not recognizing remote ssh key (https://github.com/ansible-collections/ansible.posix/issues/24).
- Synchronize not using quotes around arguments like --out-format (https://github.com/ansible-collections/ansible.posix/issues/190).
- at - append line-separator to the end of the ``command`` (https://github.com/ansible-collections/ansible.posix/issues/169).
- csh - define ``ECHO`` and ``COMMAND_SEP`` (https://github.com/ansible-collections/ansible.posix/issues/204).
- firewalld - enable integration after migration (https://github.com/ansible-collections/ansible.posix/pull/239).
- firewalld - ensure idempotency with firewalld 0.9.3 (https://github.com/ansible-collections/ansible.posix/issues/179).
- firewalld - fix setting zone target to ``%%REJECT%%`` (https://github.com/ansible-collections/ansible.posix/pull/215).
- mount - Handle ``boot`` option on Solaris correctly (https://github.com/ansible-collections/ansible.posix/issues/184).
- synchronize - add ``community.podman.podman`` to the list of supported connection
plugins (https://github.com/ansible-community/molecule-podman/issues/45).
- synchronize - complete podman support for synchronize module.
- synchronize - properly quote rsync CLI parameters (https://github.com/ansible-collections/ansible.posix/pull/241).
- synchronize - replace removed ``ansible_ssh_user`` by ``ansible_user`` everywhere;
do the same for ``ansible_ssh_port`` and ``ansible_ssh_host`` (https://github.com/ansible-collections/ansible.posix/issues/60).
- synchronize - use SSH args from SSH connection plugin (https://github.com/ansible-collections/ansible.posix/issues/222).
- synchronize - use become_user when invoking rsync on remote with sudo (https://github.com/ansible-collections/ansible.posix/issues/186).
- sysctl - modifying conditional check for docker to fix tests being skipped
(https://github.com/ansible-collections/ansible.posix/pull/226).
minor_changes:
- acl - add new alias ``recurse`` for ``recursive`` parameter (https://github.com/ansible-collections/ansible.posix/issues/124).
- added 2.11 branch to test matrix, added ignore-2.12.txt.
- authorized_key - add ``no_log=False`` in ``argument_spec`` to clear false-positives
of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156).
- authorized_key - add a list of valid key types (https://github.com/ansible-collections/ansible.posix/issues/134).
- mount - Change behavior of ``boot`` option to set ``noauto`` on BSD nodes
(https://github.com/ansible-collections/ansible.posix/issues/28).
- mount - Change behavior of ``boot`` option to set ``noauto`` on Linux nodes
(https://github.com/ansible-collections/ansible.posix/issues/28).
- mount - add ``no_log=False`` in ``argument_spec`` to clear false-positives
of ``no-log-needed`` (https://github.com/ansible-collections/ansible.posix/pull/156).
- mount - returns ``backup_file`` value when a backup fstab is created.
- synchronize - add ``delay_updates`` option (https://github.com/ansible-collections/ansible.posix/issues/157).
- synchronize - fix typo (https://github.com/ansible-collections/ansible.posix/pull/198).
release_summary: 'This is the minor release of the ``ansible.posix`` collection.
This changelog contains all changes to the modules in this collection that
have been added after the release of ``ansible.posix`` 1.2.0.'
fragments:
- 1.3.0.yml
- 124_acl.yml
- 126_mount_not_returning_backup_file.yml
- 134_authorized_key.yml
- 156-fix_no-log-needed_false_positives.yml
- 159-fix-60-deprecated-ansible_ssh_user.yml
- 167-synchronize-add_delay_option.yml
- 169_add_lineseparator_to_command.yml
- 175_synchronize.yml
- 179_firewalld.yml
- 181-update_codecov_sh_url.yml
- 185_mount_at_boot.yml
- 187-fix-synchronize-become-user.yml
- 193_firewalld.yml
- 196_boot_opt_for_linux.yml
- 203_boot_opt_for_bsd.yml
- 204_csh_shell.yml
- 207-mount_tests.yml
- 213_quote_cmd_args.yml
- 214-add_firewalld_info_module.yml
- 215_fix_REJECT_target_name.yml
- 217-restructure_authrized_key_test.yml
- 222_synchronize.yml
- 226_sysctl_fix_integration_test.yml
- 229_add_podman_connection_plugin_to_synchronize.yml
- 230_complete_podman_support_for_synchronize.yml
- 233-fix-wrong-firewalld-version-info.yml
- 241-synchronize-shell-quoting.yml
- firewalld_integ_test.yml
- firewalld_test.yml
- sanity_test_ignore_file.yml
- synchronize.yml
- test_matrix.yml
release_date: '2021-08-11'

2
changelogs/config.yaml
View File

@@ -2,7 +2,7 @@ changelog_filename_template: ../CHANGELOG.rst
changelog_filename_version_depth: 0
changes_file: changelog.yaml
changes_format: combined
keep_fragments: true
keep_fragments: false
mention_ancestor: true
new_plugins_after_name: removed_features
notesdir: fragments

0
changelogs/fragments/.empty → changelogs/fragments/.keep
View File

4
changelogs/fragments/11-action-plugins-use-fqcn.yml
View File

@@ -1,4 +0,0 @@
---
bugfixes:
- patch - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)
- synchronize - fix FQCN usage for action plugin (https://github.com/ansible-collections/ansible.posix/issues/11)

2
changelogs/fragments/12_migrate_cgroup_perf_recap_graph.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Migrate hacking/cgroup_perf_recap_graph.py to this collection, since the cgroup_perf_recap callback lives here.

2
changelogs/fragments/14_mount_option.yml
View File

@@ -1,2 +0,0 @@
bugfixes:
- Mount - Handle remount with new options (https://github.com/ansible/ansible/issues/59460).

2
changelogs/fragments/15_profile_tasks.yml
View File

@@ -1,2 +0,0 @@
bugfixes:
- Profile_tasks - result was a odict_items which is not subscriptable, so the slicing was failing (https://github.com/ansible/ansible/issues/59059).

3
changelogs/fragments/17_authorized_keys.yml
View File

@@ -1,3 +0,0 @@
---
bugfixes:
- authorized_keys - Added FIDO2 security keys (https://github.com/ansible-collections/ansible.posix/issues/17).

2
changelogs/fragments/19_enable_tags.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Enabled tags in galaxy.yml (https://github.com/ansible-collections/ansible.posix/issues/18).

3
changelogs/fragments/21-mount-module_util-routing-issue.yml
View File

@@ -1,3 +0,0 @@
---
bugfixes:
- mount - fix issues with ismount module_util pathing for Ansible 2.9 (fixes https://github.com/ansible-collections/ansible.posix/issues/21)

3
changelogs/fragments/23-selinux-doesnt-create-missing-config-keys.yml
View File

@@ -1,3 +0,0 @@
---
bugfixes:
- selinux - add missing configuration keys for /etc/selinux/config (https://github.com/ansible-collections/ansible.posix/issues/23)

2
changelogs/fragments/25_ansible_metadata.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Removed ANSIBLE_METADATA from all the modules.

2
changelogs/fragments/26_profile_tasks_doc.yml
View File

@@ -1,2 +0,0 @@
bugfixes:
- Typecast results before use in profile_tasks callback (https://github.com/ansible/ansible/issues/69563).

2
changelogs/fragments/27_update_examples.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Update EXAMPLES section in modules to use FQCN.

2
changelogs/fragments/33_mount.yml
View File

@@ -1,2 +0,0 @@
bugfixes:
- Revert "mount - Check if src exists before mounted (ansible/ansible#61752)".

2
changelogs/fragments/35_disable_tests.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Revert "Enable at, patch and synchronize tests (https://github.com/ansible-collections/ansible.posix/pull/5)".

3
changelogs/fragments/37-authorized_keys-inconsistent-check-mode-values.yml
View File

@@ -1,3 +0,0 @@
---
bugfixes:
- authorized_keys - fix inconsistent return value for check mode (https://github.com/ansible-collections/ansible.posix/issues/37)

2
changelogs/fragments/39_remove_license.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Remove license key from galaxy.yml.

2
changelogs/fragments/43_remove_shippable.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Remove sanity jobs from shippable (https://github.com/ansible-collections/ansible.posix/pull/43).

2
changelogs/fragments/4_update_readme.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Update README.md (https://github.com/ansible-collections/ansible.posix/pull/4/).

2
changelogs/fragments/5_enable_tests.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- Enable tests for at, patch and synchronize modules (https://github.com/ansible-collections/ansible.posix/pull/5).

4
changelogs/fragments/65931-json-callback-non-lockstep-output.yml
View File

@@ -1,4 +0,0 @@
bugfixes:
- json callback - Fix host result to task references in the resultant JSON
output for non-lockstep strategy plugins such as free
(https://github.com/ansible/ansible/issues/65931)

2
changelogs/fragments/6_test_devel.yml
View File

@@ -1,2 +0,0 @@
minor_changes:
- CI should use devel (https://github.com/ansible-collections/ansible.posix/pull/6).

2
changelogs/fragments/7_env.yml
View File

@@ -1,2 +0,0 @@
bugfixes:
- Allow unsetting existing environment vars via environment by specifying a null value (https://github.com/ansible/ansible/pull/68236).

3
changelogs/fragments/firewalld_migration.yml
View File

@@ -1,3 +0,0 @@
---
minor_changes:
- firewalld - add firewalld module to ansible.posix collection

2
changelogs/fragments/initial_commit.yaml
View File

@@ -1,2 +0,0 @@
major_changes:
- Bootstrap Collection (https://github.com/ansible-collections/ansible.posix/pull/1).

330
docs/ansible.posix.acl_module.rst
View File

@@ -31,217 +31,221 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>default</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If the target is a directory, setting this to <code>yes</code> will make it the default ACL for entities created inside the directory.</div>
<div>Setting <code>default</code> to <code>yes</code> causes an error if the path is a file.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If the target is a directory, setting this to <code>yes</code> will make it the default ACL for entities created inside the directory.</div>
<div>Setting <code>default</code> to <code>yes</code> causes an error if the path is a file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>entity</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>The actual user or group that the ACL applies to when matching entity types user or group are selected.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The actual user or group that the ACL applies to when matching entity types user or group are selected.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>entry</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>DEPRECATED.</div>
<div>The ACL to set or remove.</div>
<div>This must always be quoted in the form of <code>&lt;etype&gt;:&lt;qualifier&gt;:&lt;perms&gt;</code>.</div>
<div>The qualifier may be empty for some types, but the type and perms are always required.</div>
<div><code>-</code> can be used as placeholder when you do not care about permissions.</div>
<div>This is now superseded by entity, type and permissions fields.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>DEPRECATED.</div>
<div>The ACL to set or remove.</div>
<div>This must always be quoted in the form of <code>&lt;etype&gt;:&lt;qualifier&gt;:&lt;perms&gt;</code>.</div>
<div>The qualifier may be empty for some types, but the type and perms are always required.</div>
<div><code>-</code> can be used as placeholder when you do not care about permissions.</div>
<div>This is now superseded by entity, type and permissions fields.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>etype</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>group</li>
<li>mask</li>
<li>other</li>
<li>user</li>
</ul>
</td>
<td>
<div>The entity type of the ACL to apply, see <code>setfacl</code> documentation for more info.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>group</li>
<li>mask</li>
<li>other</li>
<li>user</li>
</ul>
</td>
<td>
<div>The entity type of the ACL to apply, see <code>setfacl</code> documentation for more info.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>follow</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether to follow symlinks on the path if a symlink is encountered.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether to follow symlinks on the path if a symlink is encountered.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>The full path of the file or object.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: name</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>The full path of the file or object.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: name</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>permissions</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>The permissions to apply/remove can be any combination of <code>r</code>, <code>w</code> and <code>x</code> (read, write and execute respectively)</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The permissions to apply/remove can be any combination of <code>r</code>, <code>w</code>, <code>x</code></div>
<div>(read, write and execute respectively), and <code>X</code> (execute permission if the file is a directory or already has execute permission for some user)</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>recalculate_mask</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>default</b>&nbsp;&larr;</div></li>
<li>mask</li>
<li>no_mask</li>
</ul>
</td>
<td>
<div>Select if and when to recalculate the effective right masks of the files.</div>
<div>See <code>setfacl</code> documentation for more info.</div>
<div>Incompatible with <code>state=query</code>.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>default</b>&nbsp;&larr;</div></li>
<li>mask</li>
<li>no_mask</li>
</ul>
</td>
<td>
<div>Select if and when to recalculate the effective right masks of the files.</div>
<div>See <code>setfacl</code> documentation for more info.</div>
<div>Incompatible with <code>state=query</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>recursive</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Recursively sets the specified ACL.</div>
<div>Incompatible with <code>state=query</code>.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Recursively sets the specified ACL.</div>
<div>Incompatible with <code>state=query</code>.</div>
<div>Alias <code>recurse</code> added in version 1.3.0.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: recurse</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>present</li>
<li><div style="color: blue"><b>query</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Define whether the ACL should be present or not.</div>
<div>The <code>query</code> state gets the current ACL without changing it, for use in <code>register</code> operations.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>present</li>
<li><div style="color: blue"><b>query</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Define whether the ACL should be present or not.</div>
<div>The <code>query</code> state gets the current ACL without changing it, for use in <code>register</code> operations.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>use_nfsv4_acls</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Use NFSv4 ACLs instead of POSIX ACLs.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Use NFSv4 ACLs instead of POSIX ACLs.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -258,9 +262,8 @@ Notes
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Grant user Joe read access to a file
ansible.posix.acl:
path: /etc/foo.conf
@@ -298,7 +301,6 @@ Examples
Return Values
-------------
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
@@ -311,24 +313,24 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<th>Returned</th>
<th width="100%">Description</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>acl</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Current ACL on provided path (after changes, if any)</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;user::rwx&#x27;, &#x27;group::rwx&#x27;, &#x27;other::rwx&#x27;]</div>
</td>
<div>Current ACL on provided path (after changes, if any)</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;user::rwx&#x27;, &#x27;group::rwx&#x27;, &#x27;other::rwx&#x27;]</div>
</td>
</tr>
</table>
</table>
<br/><br/>
@@ -341,5 +343,3 @@ Authors
- Brian Coca (@bcoca)
- Jérémie Astori (@astorije)

146
docs/ansible.posix.at_module.rst
View File

@@ -38,113 +38,113 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>command</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>A command to be executed in the future.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>A command to be executed in the future.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>count</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>The count of units in the future to execute the command or script file.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The count of units in the future to execute the command or script file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>script_file</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>An existing script file to be executed in the future.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>An existing script file to be executed in the future.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>The state dictates if the command or script file should be evaluated as present(added) or absent(deleted).</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>The state dictates if the command or script file should be evaluated as present(added) or absent(deleted).</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>unique</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If a matching job is present a new job will not be added.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If a matching job is present a new job will not be added.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>units</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>minutes</li>
<li>hours</li>
<li>days</li>
<li>weeks</li>
</ul>
</td>
<td>
<div>The type of units in the future to execute the command or script file.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>minutes</li>
<li>hours</li>
<li>days</li>
<li>weeks</li>
</ul>
</td>
<td>
<div>The type of units in the future to execute the command or script file.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -153,9 +153,8 @@ Parameters
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Schedule a command to execute in 20 minutes as root
ansible.posix.at:
command: ls -d / >/dev/null
@@ -177,7 +176,6 @@ Examples
Status
------
@@ -186,5 +184,3 @@ Authors
~~~~~~~
- Richard Isaacson (@risaacson)

424
docs/ansible.posix.authorized_key_module.rst
View File

@@ -31,191 +31,193 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>comment</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Change the comment on the public key.</div>
<div>Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab.</div>
<div>If no comment is specified, the existing comment will be kept.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Change the comment on the public key.</div>
<div>Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab.</div>
<div>If no comment is specified, the existing comment will be kept.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>exclusive</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Whether to remove all other non-specified keys from the authorized_keys file.</div>
<div>Multiple keys can be specified in a single <code>key</code> string value by separating them by newlines.</div>
<div>This option is not loop aware, so if you use <code>with_</code> , it will be exclusive per iteration of the loop.</div>
<div>If you want multiple keys in the file you need to pass them all to <code>key</code> in a single batch as mentioned above.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Whether to remove all other non-specified keys from the authorized_keys file.</div>
<div>Multiple keys can be specified in a single <code>key</code> string value by separating them by newlines.</div>
<div>This option is not loop aware, so if you use <code>with_</code> , it will be exclusive per iteration of the loop.</div>
<div>If you want multiple keys in the file you need to pass them all to <code>key</code> in a single batch as mentioned above.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>follow</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Follow path symlink instead of replacing it.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Follow path symlink instead of replacing it.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>key</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>key_options</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>A string of ssh key options to be prepended to the key in the authorized_keys file.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>A string of ssh key options to be prepended to the key in the authorized_keys file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>manage_dir</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether this module should manage the directory of the authorized key file.</div>
<div>If set to <code>yes</code>, the module will create the directory, as well as set the owner and permissions of an existing directory.</div>
<div>Be sure to set <code>manage_dir=no</code> if you are using an alternate directory for authorized_keys, as set with <code>path</code>, since you could lock yourself out of SSH access.</div>
<div>See the example below.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether this module should manage the directory of the authorized key file.</div>
<div>If set to <code>yes</code>, the module will create the directory, as well as set the owner and permissions of an existing directory.</div>
<div>Be sure to set <code>manage_dir=no</code> if you are using an alternate directory for authorized_keys, as set with <code>path</code>, since you could lock yourself out of SSH access.</div>
<div>See the example below.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Alternate path to the authorized_keys file.</div>
<div>When unset, this value defaults to <em>~/.ssh/authorized_keys</em>.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Alternate path to the authorized_keys file.</div>
<div>When unset, this value defaults to <em>~/.ssh/authorized_keys</em>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether the given key (with the given key_options) should or should not be in the file.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether the given key (with the given key_options) should or should not be in the file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>user</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>The username on the remote host whose authorized_keys file will be modified.</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>The username on the remote host whose authorized_keys file will be modified.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>validate_certs</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>This only applies if using a https url as the source of the keys.</div>
<div>If set to <code>no</code>, the SSL certificates will not be validated.</div>
<div>This should only set to <code>no</code> used on personally controlled sites using self-signed certificates as it avoids verifying the source site.</div>
<div>Prior to 2.1 the code worked as if this was set to <code>yes</code>.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>This only applies if using a https url as the source of the keys.</div>
<div>If set to <code>no</code>, the SSL certificates will not be validated.</div>
<div>This should only set to <code>no</code> used on personally controlled sites using self-signed certificates as it avoids verifying the source site.</div>
<div>Prior to 2.1 the code worked as if this was set to <code>yes</code>.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -224,9 +226,8 @@ Parameters
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Set authorized key taken from file
ansible.posix.authorized_key:
user: charlie
@@ -285,7 +286,6 @@ Examples
Return Values
-------------
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
@@ -298,169 +298,169 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<th>Returned</th>
<th width="100%">Description</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>exclusive</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>If the key has been forced to be exclusive or not.</div>
<br/>
</td>
<div>If the key has been forced to be exclusive or not.</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>key</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>The key that the module was running against.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">https://github.com/user.keys</div>
</td>
<div>The key that the module was running against.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">https://github.com/user.keys</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>key_option</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Key options related to the key.</div>
<br/>
</td>
<div>Key options related to the key.</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>keyfile</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Path for authorized key file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/home/user/.ssh/authorized_keys</div>
</td>
<div>Path for authorized key file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/home/user/.ssh/authorized_keys</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>manage_dir</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Whether this module managed the directory of the authorized key file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
<div>Whether this module managed the directory of the authorized key file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>path</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Alternate path to the authorized_keys file</div>
<br/>
</td>
<div>Alternate path to the authorized_keys file</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Whether the given key (with the given key_options) should or should not be in the file</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">present</div>
</td>
<div>Whether the given key (with the given key_options) should or should not be in the file</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">present</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>unique</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>Whether the key is unique</div>
<br/>
</td>
<div>Whether the key is unique</div>
<br/>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>user</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>The username on the remote host whose authorized_keys file will be modified</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">user</div>
</td>
<div>The username on the remote host whose authorized_keys file will be modified</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">user</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>validate_certs</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
</div>
</td>
<td>success</td>
<td>
<div>This only applies if using a https url as the source of the keys. If set to <code>no</code>, the SSL certificates will not be validated.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
<div>This only applies if using a https url as the source of the keys. If set to <code>no</code>, the SSL certificates will not be validated.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
</tr>
</table>
</table>
<br/><br/>
@@ -472,5 +472,3 @@ Authors
~~~~~~~
- Ansible Core Team

520
docs/ansible.posix.firewalld_info_module.rst Normal file
View File

@@ -0,0 +1,520 @@
.. _ansible.posix.firewalld_info_module:
****************************
ansible.posix.firewalld_info
****************************
**Gather information about firewalld**
.. contents::
:local:
:depth: 1
Synopsis
--------
- This module gathers information about firewalld rules.
Requirements
------------
The below requirements are needed on the host that executes this module.
- firewalld >= 0.2.11
- python-firewall
- python-dbus
Parameters
----------
.. raw:: html
<table border=0 cellpadding=0 class="documentation-table">
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>active_zones</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Gather information about active zones.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>zones</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=string</span>
</div>
</td>
<td>
</td>
<td>
<div>Gather information about specific zones.</div>
<div>If only works if <code>active_zones</code> is set to <code>false</code>.</div>
</td>
</tr>
</table>
<br/>
Examples
--------
.. code-block:: yaml
- name: Gather information about active zones
ansible.posix.firewalld_info:
active_zones: yes
- name: Gather information about specific zones
ansible.posix.firewalld_info:
zones:
- public
- external
- internal
Return Values
-------------
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
.. raw:: html
<table border=0 cellpadding=0 class="documentation-table">
<tr>
<th colspan="4">Key</th>
<th>Returned</th>
<th width="100%">Description</th>
</tr>
<tr>
<td colspan="4">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>active_zones</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>success</td>
<td>
<div>Gather active zones only if turn it <code>true</code>.</div>
<br/>
</td>
</tr>
<tr>
<td colspan="4">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>collected_zones</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of collected zones.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;external&#x27;, &#x27;internal&#x27;]</div>
</td>
</tr>
<tr>
<td colspan="4">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>firewalld_info</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>Returns various information about firewalld configuration.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="3">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>default_zones</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>The zone name of default zone.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">public</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="3">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>version</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>The version information of firewalld.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">0.8.2</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="3">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>zones</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>A dict of zones to gather information.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="2">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>zone</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">complex</span>
</div>
</td>
<td>success</td>
<td>
<div>The zone name registered in firewalld.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">external</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>forward</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>success</td>
<td>
<div>The network interface forwarding.</div>
<div>This parameter supports on python-firewall 0.9.0(or later) and is not collected in earlier versions.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>forward_ports</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of forwarding port pair with protocol.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;icmp&#x27;, &#x27;ipv6-icmp&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>icmp_block_inversion</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>success</td>
<td>
<div>The ICMP block inversion to block all ICMP requests.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>icmp_blocks</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of blocking icmp protocol.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;echo-request&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>interfaces</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of network interfaces.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;eth0&#x27;, &#x27;eth1&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>masquerade</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>success</td>
<td>
<div>The network interface masquerading.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>ports</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of network port with protocol.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[[&#x27;22&#x27;, &#x27;tcp&#x27;], [&#x27;80&#x27;, &#x27;tcp&#x27;]]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>protocols</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of network protocol.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;icmp&#x27;, &#x27;ipv6-icmp&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>rich_rules</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of rich language rule.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;rule protocol value=&quot;icmp&quot; reject&#x27;, &#x27;rule priority=&quot;32767&quot; reject&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>services</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of network services.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;dhcp&#x27;, &#x27;dns&#x27;, &#x27;ssh&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>source_ports</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of network source port with protocol.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[[&#x27;30000&#x27;, &#x27;tcp&#x27;], [&#x27;30001&#x27;, &#x27;tcp&#x27;]]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>sources</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of source network address.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;172.16.30.0/24&#x27;, &#x27;172.16.31.0/24&#x27;]</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>target</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of services in the zone.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">ACCEPT</div>
</td>
</tr>
<tr>
<td colspan="4">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>undefined_zones</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>success</td>
<td>
<div>A list of undefined zones in <code>zones</code> option.</div>
<div><code>undefined_zones</code> will be ignored for gathering process.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[&#x27;foo&#x27;, &#x27;bar&#x27;]</div>
</td>
</tr>
</table>
<br/><br/>
Status
------
Authors
~~~~~~~
- Hideki Saito (@saito-hideki)

437
docs/ansible.posix.firewalld_module.rst
View File

@@ -34,249 +34,362 @@ Parameters
<table border=0 cellpadding=0 class="documentation-table">
<tr>
<th colspan="1">Parameter</th>
<th colspan="2">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>icmp_block</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The ICMP block you would like to add/remove to/from a zone in firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The ICMP block you would like to add/remove to/from a zone in firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>icmp_block_inversion</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Enable/Disable inversion of ICMP blocks for a zone in firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Enable/Disable inversion of ICMP blocks for a zone in firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>immediate</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Should this configuration be applied immediately, if set as permanent.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Should this configuration be applied immediately, if set as permanent.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>interface</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The interface you would like to add/remove to/from a zone in firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The interface you would like to add/remove to/from a zone in firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>masquerade</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The masquerade setting you would like to enable/disable to/from zones within firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The masquerade setting you would like to enable/disable to/from zones within firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>offline</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Whether to run this module even when firewalld is offline.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Whether to run this module even when firewalld is offline.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>permanent</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Should this configuration be in the running firewalld configuration or persist across reboots.</div>
<div>As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld &gt;= 3.0.9).</div>
<div>Note that if this is <code>no</code>, immediate is assumed <code>yes</code>.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Should this configuration be in the running firewalld configuration or persist across reboots.</div>
<div>As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld &gt;= 0.3.9).</div>
<div>Note that if this is <code>no</code>, immediate is assumed <code>yes</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>port</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Name of a port or port range to add/remove to/from firewalld.</div>
<div>Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Name of a port or port range to add/remove to/from firewalld.</div>
<div>Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges.</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>port_forward</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
/ <span style="color: purple">elements=dictionary</span>
</div>
</td>
<td>
</td>
<td>
<div>Port and protocol to forward using firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>port</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Source port to forward from</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>proto</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>udp</li>
<li>tcp</li>
</ul>
</td>
<td>
<div>protocol to forward</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>toaddr</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Optional address to forward to</div>
</td>
</tr>
<tr>
<td class="elbow-placeholder"></td>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>toport</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>destination port</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>rich_rule</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Rich rule to add/remove to/from firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Rich rule to add/remove to/from firewalld.</div>
<div>See <a href='https://firewalld.org/documentation/man-pages/firewalld.richlanguage.html'>Syntax for firewalld rich language rules</a>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>service</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Name of a service to add/remove to/from firewalld.</div>
<div>The service must be listed in output of firewall-cmd --get-services.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Name of a service to add/remove to/from firewalld.</div>
<div>The service must be listed in output of firewall-cmd --get-services.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>source</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The source/network you would like to add/remove to/from firewalld.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The source/network you would like to add/remove to/from firewalld.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>disabled</li>
<li>enabled</li>
<li>present</li>
</ul>
</td>
<td>
<div>Enable or disable a setting.</div>
<div>For ports: Should this port accept (enabled) or reject (disabled) connections.</div>
<div>The states <code>present</code> and <code>absent</code> can only be used in zone level operations (i.e. when no other parameters but zone and state are set).</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>disabled</li>
<li>enabled</li>
<li>present</li>
</ul>
</td>
<td>
<div>Enable or disable a setting.</div>
<div>For ports: Should this port accept (enabled) or reject (disabled) connections.</div>
<div>The states <code>present</code> and <code>absent</code> can only be used in zone level operations (i.e. when no other parameters but zone and state are set).</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>target</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 1.2.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>default</li>
<li>ACCEPT</li>
<li>DROP</li>
<li>%%REJECT%%</li>
</ul>
</td>
<td>
<div>firewalld Zone target</div>
<div>If state is set to <code>absent</code>, this will reset the target to default</div>
</td>
</tr>
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>timeout</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>The amount of time the rule should be in effect for when non-permanent.</div>
</td>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>The amount of time in seconds the rule should be in effect for when non-permanent.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="2">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>zone</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The firewalld zone to add/remove to/from.</div>
<div>Note that the default zone can be configured per system but <code>public</code> is default from upstream.</div>
<div>Available choices can be extended based on per-system configs, listed here are &quot;out of the box&quot; defaults.</div>
<div>Possible values include <code>block</code>, <code>dmz</code>, <code>drop</code>, <code>external</code>, <code>home</code>, <code>internal</code>, <code>public</code>, <code>trusted</code>, <code>work</code>.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>The firewalld zone to add/remove to/from.</div>
<div>Note that the default zone can be configured per system but <code>public</code> is default from upstream.</div>
<div>Available choices can be extended based on per-system configs, listed here are &quot;out of the box&quot; defaults.</div>
<div>Possible values include <code>block</code>, <code>dmz</code>, <code>drop</code>, <code>external</code>, <code>home</code>, <code>internal</code>, <code>public</code>, <code>trusted</code>, <code>work</code>.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -294,9 +407,8 @@ Notes
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: permit traffic in default zone for https service
ansible.posix.firewalld:
service: https
@@ -359,6 +471,12 @@ Examples
permanent: yes
icmp_block: echo-request
- ansible.posix.firewalld:
zone: internal
state: present
permanent: yes
target: ACCEPT
- name: Redirect port 443 to 8443 with Rich Rule
ansible.posix.firewalld:
rich_rule: rule family=ipv4 forward-port port=443 protocol=tcp to-port=8443
@@ -370,7 +488,6 @@ Examples
Status
------
@@ -379,5 +496,3 @@ Authors
~~~~~~~
- Adam Miller (@maxamillion)

270
docs/ansible.posix.mount_module.rst
View File

@@ -31,193 +31,198 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>backup</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>boot</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Determines if the filesystem should be mounted on boot.</div>
<div>Only applies to Solaris systems.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Determines if the filesystem should be mounted on boot.</div>
<div>Only applies to Solaris and Linux systems.</div>
<div>For Solaris systems, <code>true</code> will set <code>yes</code> as the value of mount at boot in <em>/etc/vfstab</em>.</div>
<div>For Linux, FreeBSD, NetBSD and OpenBSD systems, <code>false</code> will add <code>noauto</code> to mount options in <em>/etc/fstab</em>.</div>
<div>To avoid mount option conflicts, if <code>noauto</code> specified in <code>opts</code>, mount module will ignore <code>boot</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dump</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Dump (see fstab(5)).</div>
<div>Note that if set to <code>null</code> and <em>state</em> set to <code>present</code>, it will cease to work and duplicate entries will be made with subsequent runs.</div>
<div>Has no effect on Solaris systems.</div>
</td>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Dump (see fstab(5)).</div>
<div>Note that if set to <code>null</code> and <em>state</em> set to <code>present</code>, it will cease to work and duplicate entries will be made with subsequent runs.</div>
<div>Has no effect on Solaris systems.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>fstab</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>File to use instead of <code>/etc/fstab</code>.</div>
<div>You should not use this option unless you really know what you are doing.</div>
<div>This might be useful if you need to configure mountpoints in a chroot environment.</div>
<div>OpenBSD does not allow specifying alternate fstab files with mount so do not use this on OpenBSD with any state that operates on the live filesystem.</div>
<div>This parameter defaults to /etc/fstab or /etc/vfstab on Solaris.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>File to use instead of <code>/etc/fstab</code>.</div>
<div>You should not use this option unless you really know what you are doing.</div>
<div>This might be useful if you need to configure mountpoints in a chroot environment.</div>
<div>OpenBSD does not allow specifying alternate fstab files with mount so do not use this on OpenBSD with any state that operates on the live filesystem.</div>
<div>This parameter defaults to /etc/fstab or /etc/vfstab on Solaris.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>fstype</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Filesystem type.</div>
<div>Required when <em>state</em> is <code>present</code> or <code>mounted</code>.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Filesystem type.</div>
<div>Required when <em>state</em> is <code>present</code> or <code>mounted</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>opts</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Mount options (see fstab(5), or vfstab(4) on Solaris).</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Mount options (see fstab(5), or vfstab(4) on Solaris).</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>passno</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Passno (see fstab(5)).</div>
<div>Note that if set to <code>null</code> and <em>state</em> set to <code>present</code>, it will cease to work and duplicate entries will be made with subsequent runs.</div>
<div>Deprecated on Solaris systems.</div>
</td>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Passno (see fstab(5)).</div>
<div>Note that if set to <code>null</code> and <em>state</em> set to <code>present</code>, it will cease to work and duplicate entries will be made with subsequent runs.</div>
<div>Deprecated on Solaris systems.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>Path to the mount point (e.g. <code>/mnt/files</code>).</div>
<div>Before Ansible 2.3 this option was only usable as <em>dest</em>, <em>destfile</em> and <em>name</em>.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: name</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Path to the mount point (e.g. <code>/mnt/files</code>).</div>
<div>Before Ansible 2.3 this option was only usable as <em>dest</em>, <em>destfile</em> and <em>name</em>.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: name</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>src</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Device (or NFS volume, or something else) to be mounted on <em>path</em>.</div>
<div>Required when <em>state</em> set to <code>present</code> or <code>mounted</code>.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Device (or NFS volume, or something else) to be mounted on <em>path</em>.</div>
<div>Required when <em>state</em> set to <code>present</code> or <code>mounted</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>mounted</li>
<li>present</li>
<li>unmounted</li>
<li>remounted</li>
</ul>
</td>
<td>
<div>If <code>mounted</code>, the device will be actively mounted and appropriately configured in <em>fstab</em>. If the mount point is not present, the mount point will be created.</div>
<div>If <code>unmounted</code>, the device will be unmounted without changing <em>fstab</em>.</div>
<div><code>present</code> only specifies that the device is to be configured in <em>fstab</em> and does not trigger or require a mount.</div>
<div><code>absent</code> specifies that the device mount&#x27;s entry will be removed from <em>fstab</em> and will also unmount the device and remove the mount point.</div>
<div><code>remounted</code> specifies that the device will be remounted for when you want to force a refresh on the mount itself (added in 2.9). This will always return changed=true. If <em>opts</em> is set, the options will be applied to the remount, but will not change <em>fstab</em>. Additionally, if <em>opts</em> is set, and the remount command fails, the module will error to prevent unexpected mount changes. Try using <code>mounted</code> instead to work around this issue.</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li>mounted</li>
<li>present</li>
<li>unmounted</li>
<li>remounted</li>
</ul>
</td>
<td>
<div>If <code>mounted</code>, the device will be actively mounted and appropriately configured in <em>fstab</em>. If the mount point is not present, the mount point will be created.</div>
<div>If <code>unmounted</code>, the device will be unmounted without changing <em>fstab</em>.</div>
<div><code>present</code> only specifies that the device is to be configured in <em>fstab</em> and does not trigger or require a mount.</div>
<div><code>absent</code> specifies that the device mount&#x27;s entry will be removed from <em>fstab</em> and will also unmount the device and remove the mount point.</div>
<div><code>remounted</code> specifies that the device will be remounted for when you want to force a refresh on the mount itself (added in 2.9). This will always return changed=true. If <em>opts</em> is set, the options will be applied to the remount, but will not change <em>fstab</em>. Additionally, if <em>opts</em> is set, and the remount command fails, the module will error to prevent unexpected mount changes. Try using <code>mounted</code> instead to work around this issue.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -233,9 +238,8 @@ Notes
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
# Before 2.3, option 'name' was used instead of 'path'
- name: Mount DVD read-only
ansible.posix.mount:
@@ -295,6 +299,14 @@ Examples
state: mounted
fstype: nfs
- name: Mount NFS volumes with noauto according to boot option
ansible.posix.mount:
src: 192.168.1.100:/nfs/ssd/shared_data
path: /mnt/shared_data
opts: rw,sync,hard,intr
boot: no
state: mounted
fstype: nfs
@@ -308,5 +320,3 @@ Authors
- Ansible Core Team
- Seth Vidal (@skvidal)

229
docs/ansible.posix.patch_module.rst
View File

@@ -31,172 +31,173 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>backup</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Passes <code>--backup --version-control=numbered</code> to patch, producing numbered backup copies.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Passes <code>--backup --version-control=numbered</code> to patch, producing numbered backup copies.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>basedir</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Path of a base directory in which the patch file will be applied.</div>
<div>May be omitted when <code>dest</code> option is specified, otherwise required.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Path of a base directory in which the patch file will be applied.</div>
<div>May be omitted when <code>dest</code> option is specified, otherwise required.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>binary</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Setting to <code>yes</code> will disable patch&#x27;s heuristic for transforming CRLF line endings into LF.</div>
<div>Line endings of src and dest must match.</div>
<div>If set to <code>no</code>, <code>patch</code> will replace CRLF in <code>src</code> files on POSIX.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Setting to <code>yes</code> will disable patch&#x27;s heuristic for transforming CRLF line endings into LF.</div>
<div>Line endings of src and dest must match.</div>
<div>If set to <code>no</code>, <code>patch</code> will replace CRLF in <code>src</code> files on POSIX.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dest</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Path of the file on the remote machine to be patched.</div>
<div>The names of the files to be patched are usually taken from the patch file, but if there&#x27;s just one file to be patched it can specified with this option.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: originalfile</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Path of the file on the remote machine to be patched.</div>
<div>The names of the files to be patched are usually taken from the patch file, but if there&#x27;s just one file to be patched it can specified with this option.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: originalfile</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ignore_whitespace</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Setting to <code>yes</code> will ignore white space changes between patch and input..</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Setting to <code>yes</code> will ignore white space changes between patch and input..</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>remote_src</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If <code>no</code>, it will search for src at originating/controller machine, if <code>yes</code> it will go to the remote/target machine for the <code>src</code>.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>If <code>no</code>, it will search for src at originating/controller machine, if <code>yes</code> it will go to the remote/target machine for the <code>src</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>src</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>Path of the patch file as accepted by the GNU patch tool. If <code>remote_src</code> is &#x27;no&#x27;, the patch source file is looked up from the module&#x27;s <em>files</em> directory.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: patchfile</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Path of the patch file as accepted by the GNU patch tool. If <code>remote_src</code> is &#x27;no&#x27;, the patch source file is looked up from the module&#x27;s <em>files</em> directory.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: patchfile</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether the patch should be applied or reverted.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>absent</li>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Whether the patch should be applied or reverted.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>strip</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Number that indicates the smallest prefix containing leading slashes that will be stripped from each file name found in the patch file.</div>
<div>For more information see the strip parameter of the GNU patch tool.</div>
</td>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Number that indicates the smallest prefix containing leading slashes that will be stripped from each file name found in the patch file.</div>
<div>For more information see the strip parameter of the GNU patch tool.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -211,9 +212,8 @@ Notes
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Apply patch to one file
ansible.posix.patch:
src: /tmp/index.html.patch
@@ -234,7 +234,6 @@ Examples
Status
------
@@ -244,5 +243,3 @@ Authors
- Jakub Jirutka (@jirutka)
- Luis Alberto Perez Lazaro (@luisperlaz)

110
docs/ansible.posix.seboolean_module.rst
View File

@@ -38,81 +38,83 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ignore_selinux_state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Useful for scenarios (chrooted environment) that you can&#x27;t get the real SELinux state.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Useful for scenarios (chrooted environment) that you can&#x27;t get the real SELinux state.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>name</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>Name of the boolean to configure.</div>
</td>
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Name of the boolean to configure.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>persistent</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Set to <code>yes</code> if the boolean setting should survive a reboot.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Set to <code>yes</code> if the boolean setting should survive a reboot.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Desired boolean value</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Desired boolean value</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -127,9 +129,8 @@ Notes
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Set httpd_can_network_connect flag on and keep it persistent across reboots
ansible.posix.seboolean:
name: httpd_can_network_connect
@@ -139,7 +140,6 @@ Examples
Status
------
@@ -148,5 +148,3 @@ Authors
~~~~~~~
- Stephen Fromm (@sfromm)

177
docs/ansible.posix.selinux_module.rst
View File

@@ -39,61 +39,62 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>configfile</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">"/etc/selinux/config"</div>
</td>
<td>
<div>The path to the SELinux configuration file, if non-standard.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: conf, file</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">"/etc/selinux/config"</div>
</td>
<td>
<div>The path to the SELinux configuration file, if non-standard.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: conf, file</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>policy</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>The name of the SELinux policy to use (e.g. <code>targeted</code>) will be required if state is not <code>disabled</code>.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>The name of the SELinux policy to use (e.g. <code>targeted</code>) will be required if <em>state</em> is not <code>disabled</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>disabled</li>
<li>enforcing</li>
<li>permissive</li>
</ul>
</td>
<td>
<div>The SELinux mode.</div>
</td>
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>disabled</li>
<li>enforcing</li>
<li>permissive</li>
</ul>
</td>
<td>
<div>The SELinux mode.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -102,9 +103,8 @@ Parameters
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Enable SELinux
ansible.posix.selinux:
policy: targeted
@@ -121,7 +121,6 @@ Examples
Return Values
-------------
Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module:
@@ -134,92 +133,92 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late
<th>Returned</th>
<th width="100%">Description</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>configfile</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>always</td>
<td>
<div>Path to SELinux configuration file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/etc/selinux/config</div>
</td>
<div>Path to SELinux configuration file.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/etc/selinux/config</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>msg</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>always</td>
<td>
<div>Messages that describe changes that were made.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">Config SELinux state changed from &#x27;disabled&#x27; to &#x27;permissive&#x27;</div>
</td>
<div>Messages that describe changes that were made.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">Config SELinux state changed from &#x27;disabled&#x27; to &#x27;permissive&#x27;</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>policy</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>always</td>
<td>
<div>Name of the SELinux policy.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">targeted</div>
</td>
<div>Name of the SELinux policy.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">targeted</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>reboot_required</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
</div>
</td>
<td>always</td>
<td>
<div>Whether or not an reboot is required for the changes to take effect.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
<div>Whether or not an reboot is required for the changes to take effect.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">True</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="return-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
</div>
</td>
<td>always</td>
<td>
<div>SELinux mode.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">enforcing</div>
</td>
<div>SELinux mode.</div>
<br/>
<div style="font-size: smaller"><b>Sample:</b></div>
<div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">enforcing</div>
</td>
</tr>
</table>
</table>
<br/><br/>
@@ -231,5 +230,3 @@ Authors
~~~~~~~
- Derek Carter (@goozbach) <goozbach@friocorte.com>

714
docs/ansible.posix.synchronize_module.rst
View File

@@ -34,492 +34,538 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>archive</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Mirrors the rsync archive flag, enables recursive, links, perms, times, owner, group flags and -D.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Mirrors the rsync archive flag, enables recursive, links, perms, times, owner, group flags and -D.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>checksum</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip based on checksum, rather than mod-time &amp; size; Note that that &quot;archive&quot; option is still enabled by default - the &quot;checksum&quot; option will not disable it.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip based on checksum, rather than mod-time &amp; size; Note that that &quot;archive&quot; option is still enabled by default - the &quot;checksum&quot; option will not disable it.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>compress</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Compress file data during the transfer.</div>
<div>In most cases, leave this enabled unless it causes problems.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Compress file data during the transfer.</div>
<div>In most cases, leave this enabled unless it causes problems.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>copy_links</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Copy symlinks as the item that they point to (the referent) is copied, rather than the symlink.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Copy symlinks as the item that they point to (the referent) is copied, rather than the symlink.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>delay_updates</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
<div style="font-style: italic; font-size: small; color: darkgreen">added in 1.3.0</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>This option puts the temporary file from each updated file into a holding directory until the end of the transfer, at which time all the files are renamed into place in rapid succession.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>delete</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Delete files in <code>dest</code> that don&#x27;t exist (after transfer, not before) in the <code>src</code> path.</div>
<div>This option requires <code>recursive=yes</code>.</div>
<div>This option ignores excluded files and behaves like the rsync opt --delete-excluded.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Delete files in <em>dest</em> that do not exist (after transfer, not before) in the <em>src</em> path.</div>
<div>This option requires <em>recursive=yes</em>.</div>
<div>This option ignores excluded files and behaves like the rsync opt <code>--delete-after</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dest</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>Path on the destination host that will be synchronized from the source.</div>
<div>The path can be absolute or relative.</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Path on the destination host that will be synchronized from the source.</div>
<div>The path can be absolute or relative.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dest_port</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
</div>
</td>
<td>
</td>
<td>
<div>Port number for ssh on the destination host.</div>
<div>Prior to Ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.</div>
<div>This parameter defaults to the value of <code>ansible_ssh_port</code> or <code>ansible_port</code>, the <code>remote_port</code> config setting or the value from ssh client configuration if none of the former have been set.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Port number for ssh on the destination host.</div>
<div>Prior to Ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.</div>
<div>This parameter defaults to the value of <code>ansible_port</code>, the <code>remote_port</code> config setting or the value from ssh client configuration if none of the former have been set.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>dirs</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Transfer directories without recursing.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Transfer directories without recursing.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>existing_only</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip creating new files on receiver.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Skip creating new files on receiver.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>group</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve group.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve group.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>link_dest</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">null</div>
</td>
<td>
<div>Add a destination to hard link against during the rsync.</div>
</td>
/ <span style="color: purple">elements=string</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">null</div>
</td>
<td>
<div>Add a destination to hard link against during the rsync.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>links</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Copy symlinks as symlinks.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Copy symlinks as symlinks.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>mode</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>pull</li>
<li><div style="color: blue"><b>push</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Specify the direction of the synchronization.</div>
<div>In push mode the localhost or delegate is the source.</div>
<div>In pull mode the remote host in context is the source.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>pull</li>
<li><div style="color: blue"><b>push</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Specify the direction of the synchronization.</div>
<div>In push mode the localhost or delegate is the source.</div>
<div>In pull mode the remote host in context is the source.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>owner</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve owner (super user only).</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve owner (super user only).</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>partial</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>perms</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve permissions.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve permissions.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>private_key</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">path</span>
</div>
</td>
<td>
</td>
<td>
<div>Specify the private key to use for SSH-based rsync connections (e.g. <code>~/.ssh/id_rsa</code>).</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Specify the private key to use for SSH-based rsync connections (e.g. <code>~/.ssh/id_rsa</code>).</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>recursive</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Recurse into directories.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Recurse into directories.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>rsync_opts</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">list</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">null</div>
</td>
<td>
<div>Specify additional rsync options by passing in an array.</div>
<div>Note that an empty string in <code>rsync_opts</code> will end up transfer the current working directory.</div>
</td>
/ <span style="color: purple">elements=string</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">null</div>
</td>
<td>
<div>Specify additional rsync options by passing in an array.</div>
<div>Note that an empty string in <code>rsync_opts</code> will end up transfer the current working directory.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>rsync_path</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Specify the rsync command to run on the remote host. See <code>--rsync-path</code> on the rsync man page.</div>
<div>To specify the rsync command to run on the local host, you need to set this your task var <code>ansible_rsync_path</code>.</div>
</td>
</div>
</td>
<td>
</td>
<td>
<div>Specify the rsync command to run on the remote host. See <code>--rsync-path</code> on the rsync man page.</div>
<div>To specify the rsync command to run on the local host, you need to set this your task var <code>ansible_rsync_path</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>rsync_timeout</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">integer</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Specify a <code>--timeout</code> for the rsync command in seconds.</div>
</td>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">0</div>
</td>
<td>
<div>Specify a <code>--timeout</code> for the rsync command in seconds.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>set_remote_user</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Put user@ for the remote paths.</div>
<div>If you have a custom ssh config to define the remote user for a host that does not match the inventory user, you should set this parameter to <code>no</code>.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>Put user@ for the remote paths.</div>
<div>If you have a custom ssh config to define the remote user for a host that does not match the inventory user, you should set this parameter to <code>no</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>src</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">string</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>Path on the source host that will be synchronized to the destination.</div>
<div>The path can be absolute or relative.</div>
</td>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>Path on the source host that will be synchronized to the destination.</div>
<div>The path can be absolute or relative.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ssh_connection_multiplexing</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>SSH connection multiplexing for rsync is disabled by default to prevent misconfigured ControlSockets from resulting in failed SSH connections. This is accomplished by setting the SSH <code>ControlSocket</code> to <code>none</code>.</div>
<div>Set this option to <code>yes</code> to allow multiplexing and reduce SSH connection overhead.</div>
<div>Note that simply setting this option to <code>yes</code> is not enough; You must also configure SSH connection multiplexing in your SSH client config by setting values for <code>ControlMaster</code>, <code>ControlPersist</code> and <code>ControlPath</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>times</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve modification times.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li>yes</li>
</ul>
</td>
<td>
<div>Preserve modification times.</div>
<div>This parameter defaults to the value of the archive option.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>use_ssh_args</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Use the ssh_args specified in ansible.cfg.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>In Ansible 2.10 and lower, it uses the ssh_args specified in <code>ansible.cfg</code>.</div>
<div>In Ansible 2.11 and onwards, when set to <code>true</code>, it uses all SSH connection configurations like <code>ansible_ssh_args</code>, <code>ansible_ssh_common_args</code>, and <code>ansible_ssh_extra_args</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>verify_host</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Verify destination host key.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Verify destination host key.</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -540,7 +586,7 @@ Notes
- Inspect the verbose output to validate the destination user/host/path are what was expected.
- To exclude files and directories from being synchronized, you may add ``.rsync-filter`` files to the source directory.
- rsync daemon must be up and running with correct permission when using rsync protocol in source or destination path.
- The ``synchronize`` module forces `--delay-updates` to avoid leaving a destination in a broken in-between state if the underlying rsync process encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should call rsync directly.
- The ``synchronize`` module enables `--delay-updates` by default to avoid leaving a destination in a broken in-between state if the underlying rsync process encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should disable this option.
- link_destination is subject to the same limitations as the underlying rsync daemon. Hard links are only preserved if the relative subtrees of the source and destination are the same. Attempts to hardlink into a directory that is a subdirectory of the source will be prevented.
@@ -558,9 +604,8 @@ See Also
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
- name: Synchronization of src on the control machine to dest on the remote hosts
ansible.posix.synchronize:
src: some/relative/path
@@ -677,7 +722,7 @@ Examples
# Specify the rsync binary to use on remote host and on local host
- hosts: groupofhosts
vars:
ansible_rsync_path: /usr/gnu/bin/rsync
ansible_rsync_path: /usr/gnu/bin/rsync
tasks:
- name: copy /tmp/localpath/ to remote location /tmp/remotepath
@@ -689,7 +734,6 @@ Examples
Status
------
@@ -698,5 +742,3 @@ Authors
~~~~~~~
- Timothy Appnel (@tima)

185
docs/ansible.posix.sysctl_module.rst
View File

@@ -31,133 +31,134 @@ Parameters
<tr>
<th colspan="1">Parameter</th>
<th>Choices/<font color="blue">Defaults</font></th>
<th width="100%">Comments</th>
<th width="100%">Comments</th>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>ignoreerrors</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Use this option to ignore errors about unknown keys.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Use this option to ignore errors about unknown keys.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>name</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
/ <span style="color: red">required</span> </div>
</td>
<td>
</td>
<td>
<div>The dot-separated path (aka <em>key</em>) specifying the sysctl variable.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: key</div>
</td>
<span style="color: purple">string</span>
/ <span style="color: red">required</span>
</div>
</td>
<td>
</td>
<td>
<div>The dot-separated path (also known as <em>key</em>) specifying the sysctl variable.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: key</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>reload</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>If <code>yes</code>, performs a <em>/sbin/sysctl -p</em> if the <code>sysctl_file</code> is updated. If <code>no</code>, does not reload <em>sysctl</em> even if the <code>sysctl_file</code> is updated.</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li>no</li>
<li><div style="color: blue"><b>yes</b>&nbsp;&larr;</div></li>
</ul>
</td>
<td>
<div>If <code>yes</code>, performs a <em>/sbin/sysctl -p</em> if the <code>sysctl_file</code> is updated. If <code>no</code>, does not reload <em>sysctl</em> even if the <code>sysctl_file</code> is updated.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>state</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
<li>absent</li>
</ul>
</td>
<td>
<div>Whether the entry should be present or absent in the sysctl file.</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>present</b>&nbsp;&larr;</div></li>
<li>absent</li>
</ul>
</td>
<td>
<div>Whether the entry should be present or absent in the sysctl file.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>sysctl_file</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">"/etc/sysctl.conf"</div>
</td>
<td>
<div>Specifies the absolute path to <code>sysctl.conf</code>, if not <code>/etc/sysctl.conf</code>.</div>
</td>
<span style="color: purple">path</span>
</div>
</td>
<td>
<b>Default:</b><br/><div style="color: blue">"/etc/sysctl.conf"</div>
</td>
<td>
<div>Specifies the absolute path to <code>sysctl.conf</code>, if not <code>/etc/sysctl.conf</code>.</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>sysctl_set</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">boolean</span>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Verify token value with the sysctl command and set with -w if necessary</div>
</td>
</div>
</td>
<td>
<ul style="margin: 0; padding: 0"><b>Choices:</b>
<li><div style="color: blue"><b>no</b>&nbsp;&larr;</div></li>
<li>yes</li>
</ul>
</td>
<td>
<div>Verify token value with the sysctl command and set with -w if necessary</div>
</td>
</tr>
<tr>
<td colspan="1">
<tr>
<td colspan="1">
<div class="ansibleOptionAnchor" id="parameter-"></div>
<b>value</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>Desired value of the sysctl key.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: val</div>
</td>
<span style="color: purple">string</span>
</div>
</td>
<td>
</td>
<td>
<div>Desired value of the sysctl key.</div>
<div style="font-size: small; color: darkgreen"><br/>aliases: val</div>
</td>
</tr>
</table>
</table>
<br/>
@@ -166,9 +167,8 @@ Parameters
Examples
--------
.. code-block:: yaml+jinja
.. code-block:: yaml
# Set vm.swappiness to 5 in /etc/sysctl.conf
- ansible.posix.sysctl:
name: vm.swappiness
@@ -205,7 +205,6 @@ Examples
Status
------
@@ -213,6 +212,4 @@ Status
Authors
~~~~~~~
- David CHANIAL (@davixx) <david.chanial@gmail.com>
- David CHANIAL (@davixx)

2
galaxy.yml
View File

@@ -1,6 +1,6 @@
namespace: ansible
name: posix
version: 1.1.0
version: 1.3.0
readme: README.md
authors:
- Ansible (github.com/ansible)

2
meta/runtime.yml
View File

@@ -1,2 +1,2 @@
---
requires_ansible: '>=2.9,<2.11'
requires_ansible: '>=2.9'

103
plugins/action/synchronize.py
View File

@@ -21,6 +21,7 @@ import os.path
from ansible import constants as C
from ansible.module_utils.six import string_types
from ansible.module_utils.six.moves import shlex_quote
from ansible.module_utils._text import to_text
from ansible.module_utils.common._collections_compat import MutableSequence
from ansible.module_utils.parsing.convert_bool import boolean
@@ -28,12 +29,23 @@ from ansible.plugins.action import ActionBase
from ansible.plugins.loader import connection_loader
DOCKER = ['docker', 'community.general.docker', 'community.docker.docker']
PODMAN = ['podman', 'ansible.builtin.podman', 'containers.podman.podman']
BUILDAH = ['buildah', 'containers.podman.buildah']
class ActionModule(ActionBase):
def _get_absolute_path(self, path):
original_path = path
if path.startswith('rsync://'):
#
# Check if we have a local relative path and do not process
# * remote paths (some.server.domain:/some/remote/path/...)
# * URLs (rsync://...)
# * local absolute paths (/some/local/path/...)
#
if ':' in path or path.startswith('/'):
return path
if self._task._role is not None:
@@ -60,21 +72,19 @@ class ActionModule(ActionBase):
return path
# If using docker or buildah, do not add user information
if self._remote_transport not in ['docker', 'buildah'] and user:
if self._remote_transport not in DOCKER + PODMAN + BUILDAH and user:
user_prefix = '%s@' % (user, )
if self._host_is_ipv6_address(host):
return '[%s%s]:%s' % (user_prefix, host, path)
else:
return '%s%s:%s' % (user_prefix, host, path)
return '%s%s:%s' % (user_prefix, host, path)
def _process_origin(self, host, path, user):
if host not in C.LOCALHOST:
return self._format_rsync_rsh_target(host, path, user)
if ':' not in path and not path.startswith('/'):
path = self._get_absolute_path(path=path)
path = self._get_absolute_path(path=path)
return path
def _process_remote(self, task_args, host, path, user, port_matches_localhost_port):
@@ -103,8 +113,7 @@ class ActionModule(ActionBase):
task_args['_substitute_controller'] = True
return self._format_rsync_rsh_target(host, path, user)
if ':' not in path and not path.startswith('/'):
path = self._get_absolute_path(path=path)
path = self._get_absolute_path(path=path)
return path
def _override_module_replaced_vars(self, task_vars):
@@ -168,12 +177,25 @@ class ActionModule(ActionBase):
# Store remote connection type
self._remote_transport = self._connection.transport
use_ssh_args = _tmp_args.pop('use_ssh_args', None)
if use_ssh_args and self._connection.transport == 'ssh':
ssh_args = [
self._connection.get_option('ssh_args'),
self._connection.get_option('ssh_common_args'),
self._connection.get_option('ssh_extra_args'),
]
_tmp_args['ssh_args'] = ' '.join([a for a in ssh_args if a])
# Handle docker connection options
if self._remote_transport == 'docker':
if self._remote_transport in DOCKER:
self._docker_cmd = self._connection.docker_cmd
if self._play_context.docker_extra_args:
self._docker_cmd = "%s %s" % (self._docker_cmd, self._play_context.docker_extra_args)
elif self._remote_transport in PODMAN:
self._docker_cmd = self._connection._options['podman_executable']
if self._connection._options.get('podman_extra_args'):
self._docker_cmd = "%s %s" % (self._docker_cmd, self._connection._options['podman_extra_args'])
# self._connection accounts for delegate_to so
# remote_transport is the transport ansible thought it would need
@@ -191,8 +213,8 @@ class ActionModule(ActionBase):
# ssh paramiko docker buildah and local are fully supported transports. Anything
# else only works with delegate_to
if delegate_to is None and self._connection.transport not in \
('ssh', 'paramiko', 'local', 'docker', 'buildah'):
if delegate_to is None and self._connection.transport not in [
'ssh', 'paramiko', 'local'] + DOCKER + PODMAN + BUILDAH:
result['failed'] = True
result['msg'] = (
"synchronize uses rsync to function. rsync needs to connect to the remote "
@@ -201,8 +223,6 @@ class ActionModule(ActionBase):
"so it cannot work." % self._connection.transport)
return result
use_ssh_args = _tmp_args.pop('use_ssh_args', None)
# Parameter name needed by the ansible module
_tmp_args['_local_rsync_path'] = task_vars.get('ansible_rsync_path') or 'rsync'
_tmp_args['_local_rsync_password'] = task_vars.get('ansible_ssh_pass') or task_vars.get('ansible_password')
@@ -215,14 +235,10 @@ class ActionModule(ActionBase):
src_host = '127.0.0.1'
inventory_hostname = task_vars.get('inventory_hostname')
dest_host_inventory_vars = task_vars['hostvars'].get(inventory_hostname)
try:
dest_host = dest_host_inventory_vars['ansible_host']
except KeyError:
dest_host = dest_host_inventory_vars.get('ansible_ssh_host', inventory_hostname)
dest_host = dest_host_inventory_vars.get('ansible_host', inventory_hostname)
dest_host_ids = [hostid for hostid in (dest_host_inventory_vars.get('inventory_hostname'),
dest_host_inventory_vars.get('ansible_host'),
dest_host_inventory_vars.get('ansible_ssh_host'))
dest_host_inventory_vars.get('ansible_host'))
if hostid is not None]
localhost_ports = set()
@@ -246,7 +262,7 @@ class ActionModule(ActionBase):
dest_is_local = True
# CHECK FOR NON-DEFAULT SSH PORT
inv_port = task_vars.get('ansible_ssh_port', None) or C.DEFAULT_REMOTE_PORT
inv_port = task_vars.get('ansible_port', None) or C.DEFAULT_REMOTE_PORT
if _tmp_args.get('dest_port', None) is None:
if inv_port is not None:
_tmp_args['dest_port'] = inv_port
@@ -323,20 +339,18 @@ class ActionModule(ActionBase):
# Src and dest rsync "path" handling
if boolean(_tmp_args.get('set_remote_user', 'yes'), strict=False):
if use_delegate:
user = task_vars.get('ansible_delegated_vars', dict()).get('ansible_ssh_user', None)
user = task_vars.get('ansible_delegated_vars', dict()).get('ansible_user', None)
if not user:
user = task_vars.get('ansible_ssh_user') or self._play_context.remote_user
user = task_vars.get('ansible_user') or self._play_context.remote_user
if not user:
user = C.DEFAULT_REMOTE_USER
else:
user = task_vars.get('ansible_ssh_user') or self._play_context.remote_user
user = task_vars.get('ansible_user') or self._play_context.remote_user
# Private key handling
private_key = self._play_context.private_key_file
if private_key is not None:
_tmp_args['private_key'] = private_key
# Use the private_key parameter if passed else use context private_key_file
_tmp_args['private_key'] = _tmp_args.get('private_key', self._play_context.private_key_file)
# use the mode to define src and dest's url
if _tmp_args.get('mode', 'push') == 'pull':
@@ -350,10 +364,8 @@ class ActionModule(ActionBase):
else:
# Still need to munge paths (to account for roles) even if we aren't
# copying files between hosts
if not src.startswith('/'):
src = self._get_absolute_path(path=src)
if not dest.startswith('/'):
dest = self._get_absolute_path(path=dest)
src = self._get_absolute_path(path=src)
dest = self._get_absolute_path(path=dest)
_tmp_args['src'] = src
_tmp_args['dest'] = dest
@@ -367,11 +379,14 @@ class ActionModule(ActionBase):
if not dest_is_local:
# don't escalate for docker. doing --rsync-path with docker exec fails
# and we can switch directly to the user via docker arguments
if self._play_context.become and not rsync_path and self._remote_transport != 'docker':
if self._play_context.become and not rsync_path and self._remote_transport not in DOCKER + PODMAN:
# If no rsync_path is set, become was originally set, and dest is
# remote then add privilege escalation here.
if self._play_context.become_method == 'sudo':
rsync_path = 'sudo rsync'
if self._play_context.become_user:
rsync_path = 'sudo -u %s rsync' % self._play_context.become_user
else:
rsync_path = 'sudo rsync'
# TODO: have to add in the rest of the become methods here
# We cannot use privilege escalation on the machine running the
@@ -381,17 +396,9 @@ class ActionModule(ActionBase):
_tmp_args['rsync_path'] = rsync_path
if use_ssh_args:
ssh_args = [
getattr(self._play_context, 'ssh_args', ''),
getattr(self._play_context, 'ssh_common_args', ''),
getattr(self._play_context, 'ssh_extra_args', ''),
]
_tmp_args['ssh_args'] = ' '.join([a for a in ssh_args if a])
# If launching synchronize against docker container
# use rsync_opts to support container to override rsh options
if self._remote_transport in ['docker', 'buildah'] and not use_delegate:
if self._remote_transport in DOCKER + BUILDAH + PODMAN and not use_delegate:
# Replicate what we do in the module argumentspec handling for lists
if not isinstance(_tmp_args.get('rsync_opts'), MutableSequence):
tmp_rsync_opts = _tmp_args.get('rsync_opts', [])
@@ -404,15 +411,15 @@ class ActionModule(ActionBase):
if '--blocking-io' not in _tmp_args['rsync_opts']:
_tmp_args['rsync_opts'].append('--blocking-io')
if self._remote_transport in ['docker']:
if self._remote_transport in DOCKER + PODMAN:
if become and self._play_context.become_user:
_tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, self._play_context.become_user))
_tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -u %s -i' % (self._docker_cmd, self._play_context.become_user)))
elif user is not None:
_tmp_args['rsync_opts'].append("--rsh=%s exec -u %s -i" % (self._docker_cmd, user))
_tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -u %s -i' % (self._docker_cmd, user)))
else:
_tmp_args['rsync_opts'].append("--rsh=%s exec -i" % self._docker_cmd)
elif self._remote_transport in ['buildah']:
_tmp_args['rsync_opts'].append("--rsh=buildah run --")
_tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('%s exec -i' % self._docker_cmd))
elif self._remote_transport in BUILDAH:
_tmp_args['rsync_opts'].append('--rsh=' + shlex_quote('buildah run --'))
# run the module and store the result
result.update(self._execute_module('ansible.posix.synchronize', module_args=_tmp_args, task_vars=task_vars))

2
plugins/callback/skippy.py
View File

@@ -14,7 +14,7 @@ DOCUMENTATION = '''
short_description: Ansible screen output that ignores skipped status
deprecated:
why: The 'default' callback plugin now supports this functionality
removed_in: '2.11'
removed_at_date: 2022-06-01
alternative: "'default' callback plugin with 'display_skipped_hosts = no' option"
extends_documentation_fragment:
- default_callback

4
plugins/module_utils/firewalld.py
View File

@@ -3,6 +3,10 @@
# (c) 2013-2018, Adam Miller (maxamillion@fedoraproject.org)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
# Imports and info for sanity checking
from distutils.version import LooseVersion

4
plugins/module_utils/mount.py
View File

@@ -48,6 +48,10 @@
# agrees to be bound by the terms and conditions of this License
# Agreement.
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import os

13
plugins/modules/acl.py
View File

@@ -28,6 +28,7 @@ options:
- The C(query) state gets the current ACL without changing it, for use in C(register) operations.
choices: [ absent, present, query ]
default: query
type: str
follow:
description:
- Whether to follow symlinks on the path if a symlink is encountered.
@@ -42,13 +43,17 @@ options:
entity:
description:
- The actual user or group that the ACL applies to when matching entity types user or group are selected.
type: str
etype:
description:
- The entity type of the ACL to apply, see C(setfacl) documentation for more info.
choices: [ group, mask, other, user ]
type: str
permissions:
description:
- The permissions to apply/remove can be any combination of C(r), C(w) and C(x) (read, write and execute respectively)
- The permissions to apply/remove can be any combination of C(r), C(w), C(x)
- (read, write and execute respectively), and C(X) (execute permission if the file is a directory or already has execute permission for some user)
type: str
entry:
description:
- DEPRECATED.
@@ -57,12 +62,15 @@ options:
- The qualifier may be empty for some types, but the type and perms are always required.
- C(-) can be used as placeholder when you do not care about permissions.
- This is now superseded by entity, type and permissions fields.
type: str
recursive:
description:
- Recursively sets the specified ACL.
- Incompatible with C(state=query).
- Alias C(recurse) added in version 1.3.0.
type: bool
default: no
aliases: [ recurse ]
use_nfsv4_acls:
description:
- Use NFSv4 ACLs instead of POSIX ACLs.
@@ -75,6 +83,7 @@ options:
- Incompatible with C(state=query).
choices: [ default, mask, no_mask ]
default: default
type: str
author:
- Brian Coca (@bcoca)
- Jérémie Astori (@astorije)
@@ -266,7 +275,7 @@ def main():
),
follow=dict(type='bool', default=True),
default=dict(type='bool', default=False),
recursive=dict(type='bool', default=False),
recursive=dict(type='bool', default=False, aliases=['recurse']),
recalculate_mask=dict(
type='str',
default='default',

12
plugins/modules/at.py
View File

@@ -8,7 +8,7 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
DOCUMENTATION = r'''
---
module: at
short_description: Schedule the execution of a command or script file via the at command
@@ -29,12 +29,10 @@ options:
description:
- The count of units in the future to execute the command or script file.
type: int
required: true
units:
description:
- The type of units in the future to execute the command or script file.
type: str
required: true
choices: [ minutes, hours, days, weeks ]
state:
description:
@@ -74,6 +72,7 @@ EXAMPLES = r'''
'''
import os
import platform
import tempfile
from ansible.module_utils.basic import AnsibleModule
@@ -89,7 +88,7 @@ def add_job(module, result, at_cmd, count, units, command, script_file):
def delete_job(module, result, at_cmd, command, script_file):
for matching_job in get_matching_jobs(module, at_cmd, script_file):
at_command = "%s -d %s" % (at_cmd, matching_job)
at_command = "%s -r %s" % (at_cmd, matching_job)
rc, out, err = module.run_command(at_command, check_rc=True)
result['changed'] = True
if command:
@@ -117,7 +116,8 @@ def get_matching_jobs(module, at_cmd, script_file):
# If the script text is contained in a job add job number to list.
for current_job in current_jobs:
split_current_job = current_job.split()
at_command = "%s -c %s" % (at_cmd, split_current_job[0])
at_opt = '-c' if platform.system() != 'AIX' else '-lv'
at_command = "%s %s %s" % (at_cmd, at_opt, split_current_job[0])
rc, out, err = module.run_command(at_command, check_rc=True)
if script_file_string in out:
matching_jobs.append(split_current_job[0])
@@ -129,7 +129,7 @@ def get_matching_jobs(module, at_cmd, script_file):
def create_tempfile(command):
filed, script_file = tempfile.mkstemp(prefix='at')
fileh = os.fdopen(filed, 'w')
fileh.write(command)
fileh.write(command + os.linesep)
fileh.close()
return script_file

20
plugins/modules/authorized_key.py
View File

@@ -50,6 +50,7 @@ options:
key_options:
description:
- A string of ssh key options to be prepended to the key in the authorized_keys file.
type: str
exclusive:
description:
- Whether to remove all other non-specified keys from the authorized_keys file.
@@ -388,13 +389,28 @@ def parsekey(module, raw_key, rank=None):
VALID_SSH2_KEY_TYPES = [
'sk-ecdsa-sha2-nistp256@openssh.com',
'sk-ecdsa-sha2-nistp256-cert-v01@openssh.com',
'webauthn-sk-ecdsa-sha2-nistp256@openssh.com',
'ecdsa-sha2-nistp256',
'ecdsa-sha2-nistp256-cert-v01@openssh.com',
'ecdsa-sha2-nistp384',
'ecdsa-sha2-nistp384-cert-v01@openssh.com',
'ecdsa-sha2-nistp521',
'ecdsa-sha2-nistp521-cert-v01@openssh.com',
'sk-ssh-ed25519@openssh.com',
'sk-ssh-ed25519-cert-v01@openssh.com',
'ssh-ed25519',
'ssh-ed25519-cert-v01@openssh.com',
'ssh-dss',
'ssh-rsa',
'ssh-xmss@openssh.com',
'ssh-xmss-cert-v01@openssh.com',
'rsa-sha2-256',
'rsa-sha2-512',
'ssh-rsa-cert-v01@openssh.com',
'rsa-sha2-256-cert-v01@openssh.com',
'rsa-sha2-512-cert-v01@openssh.com',
'ssh-dss-cert-v01@openssh.com',
]
options = None # connection options
@@ -647,11 +663,11 @@ def main():
module = AnsibleModule(
argument_spec=dict(
user=dict(type='str', required=True),
key=dict(type='str', required=True),
key=dict(type='str', required=True, no_log=False),
path=dict(type='path'),
manage_dir=dict(type='bool', default=True),
state=dict(type='str', default='present', choices=['absent', 'present']),
key_options=dict(type='str'),
key_options=dict(type='str', no_log=False),
exclusive=dict(type='bool', default=False),
comment=dict(type='str'),
validate_certs=dict(type='bool', default=True),

212
plugins/modules/firewalld.py
View File

@@ -24,9 +24,36 @@ options:
- Name of a port or port range to add/remove to/from firewalld.
- Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges.
type: str
port_forward:
description:
- Port and protocol to forward using firewalld.
type: list
elements: dict
suboptions:
port:
type: str
required: true
description:
- Source port to forward from
proto:
type: str
required: true
description:
- protocol to forward
choices: [udp, tcp]
toport:
type: str
required: true
description:
- destination port
toaddr:
type: str
description:
- Optional address to forward to
rich_rule:
description:
- Rich rule to add/remove to/from firewalld.
- See L(Syntax for firewalld rich language rules,https://firewalld.org/documentation/man-pages/firewalld.richlanguage.html).
type: str
source:
description:
@@ -54,7 +81,7 @@ options:
permanent:
description:
- Should this configuration be in the running firewalld configuration or persist across reboots.
- As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 3.0.9).
- As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 0.3.9).
- Note that if this is C(no), immediate is assumed C(yes).
type: bool
immediate:
@@ -72,7 +99,7 @@ options:
choices: [ absent, disabled, enabled, present ]
timeout:
description:
- The amount of time the rule should be in effect for when non-permanent.
- The amount of time in seconds the rule should be in effect for when non-permanent.
type: int
default: 0
masquerade:
@@ -83,6 +110,13 @@ options:
description:
- Whether to run this module even when firewalld is offline.
type: bool
target:
description:
- firewalld Zone target
- If state is set to C(absent), this will reset the target to default
choices: [ default, ACCEPT, DROP, "%%REJECT%%" ]
type: str
version_added: 1.2.0
notes:
- Not tested on any Debian based system.
- Requires the python2 bindings of firewalld, which may not be installed by default.
@@ -163,6 +197,12 @@ EXAMPLES = r'''
permanent: yes
icmp_block: echo-request
- ansible.posix.firewalld:
zone: internal
state: present
permanent: yes
target: ACCEPT
- name: Redirect port 443 to 8443 with Rich Rule
ansible.posix.firewalld:
rich_rule: rule family=ipv4 forward-port port=443 protocol=tcp to-port=8443
@@ -353,26 +393,14 @@ class PortTransaction(FirewallTransaction):
)
def get_enabled_immediate(self, port, protocol, timeout):
port_proto = [port, protocol]
if self.fw_offline:
fw_zone, fw_settings = self.get_fw_zone_settings()
ports_list = fw_settings.getPorts()
else:
ports_list = self.fw.getPorts(self.zone)
if port_proto in ports_list:
return True
else:
return False
dummy, fw_settings = self.get_fw_zone_settings()
return fw_settings.queryPort(port=port, protocol=protocol)
return self.fw.queryPort(zone=self.zone, port=port, protocol=protocol)
def get_enabled_permanent(self, port, protocol, timeout):
port_proto = (port, protocol)
fw_zone, fw_settings = self.get_fw_zone_settings()
if port_proto in fw_settings.getPorts():
return True
else:
return False
dummy, fw_settings = self.get_fw_zone_settings()
return fw_settings.queryPort(port=port, protocol=protocol)
def set_enabled_immediate(self, port, protocol, timeout):
self.fw.addPort(self.zone, port, protocol, timeout)
@@ -570,6 +598,53 @@ class SourceTransaction(FirewallTransaction):
self.update_fw_settings(fw_zone, fw_settings)
class ZoneTargetTransaction(FirewallTransaction):
"""
ZoneTargetTransaction
"""
def __init__(self, module, action_args=None, zone=None, desired_state=None,
permanent=True, immediate=False, enabled_values=None, disabled_values=None):
super(ZoneTargetTransaction, self).__init__(
module, action_args=action_args, desired_state=desired_state, zone=zone,
permanent=permanent, immediate=immediate,
enabled_values=enabled_values or ["present", "enabled"],
disabled_values=disabled_values or ["absent", "disabled"])
self.enabled_msg = "Set zone %s target to %s" % \
(self.zone, action_args[0])
self.disabled_msg = "Reset zone %s target to default" % \
(self.zone)
self.tx_not_permanent_error_msg = "Zone operations must be permanent. " \
"Make sure you didn't set the 'permanent' flag to 'false' or the 'immediate' flag to 'true'."
def get_enabled_immediate(self, target):
self.module.fail_json(msg=self.tx_not_permanent_error_msg)
def get_enabled_permanent(self, target):
fw_zone, fw_settings = self.get_fw_zone_settings()
current_target = fw_settings.getTarget()
return (current_target == target)
def set_enabled_immediate(self, target):
self.module.fail_json(msg=self.tx_not_permanent_error_msg)
def set_enabled_permanent(self, target):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.setTarget(target)
self.update_fw_settings(fw_zone, fw_settings)
def set_disabled_immediate(self, target):
self.module.fail_json(msg=self.tx_not_permanent_error_msg)
def set_disabled_permanent(self, target):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.setTarget("default")
self.update_fw_settings(fw_zone, fw_settings)
class ZoneTransaction(FirewallTransaction):
"""
ZoneTransaction
@@ -617,6 +692,43 @@ class ZoneTransaction(FirewallTransaction):
zone_obj.remove()
class ForwardPortTransaction(FirewallTransaction):
"""
ForwardPortTransaction
"""
def __init__(self, module, action_args=None, zone=None, desired_state=None, permanent=False, immediate=False):
super(ForwardPortTransaction, self).__init__(
module, action_args=action_args, desired_state=desired_state, zone=zone, permanent=permanent, immediate=immediate
)
def get_enabled_immediate(self, port, proto, toport, toaddr, timeout):
if self.fw_offline:
dummy, fw_settings = self.get_fw_zone_settings()
return fw_settings.queryForwardPort(port=port, protocol=proto, to_port=toport, to_addr=toaddr)
return self.fw.queryForwardPort(port=port, protocol=proto, to_port=toport, to_addr=toaddr)
def get_enabled_permanent(self, port, proto, toport, toaddr, timeout):
dummy, fw_settings = self.get_fw_zone_settings()
return fw_settings.queryForwardPort(port=port, protocol=proto, to_port=toport, to_addr=toaddr)
def set_enabled_immediate(self, port, proto, toport, toaddr, timeout):
self.fw.addForwardPort(self.zone, port, proto, toport, toaddr, timeout)
def set_enabled_permanent(self, port, proto, toport, toaddr, timeout):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.addForwardPort(port, proto, toport, toaddr)
self.update_fw_settings(fw_zone, fw_settings)
def set_disabled_immediate(self, port, proto, toport, toaddr, timeout):
self.fw.removeForwardPort(self.zone, port, proto, toport, toaddr)
def set_disabled_permanent(self, port, proto, toport, toaddr, timeout):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.removeForwardPort(port, proto, toport, toaddr)
self.update_fw_settings(fw_zone, fw_settings)
def main():
module = AnsibleModule(
@@ -625,6 +737,7 @@ def main():
icmp_block_inversion=dict(type='str'),
service=dict(type='str'),
port=dict(type='str'),
port_forward=dict(type='list', elements='dict'),
rich_rule=dict(type='str'),
zone=dict(type='str'),
immediate=dict(type='bool', default=False),
@@ -635,10 +748,12 @@ def main():
interface=dict(type='str'),
masquerade=dict(type='str'),
offline=dict(type='bool'),
target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
),
supports_check_mode=True,
required_by=dict(
interface=('zone',),
target=('zone',),
source=('permanent',),
),
)
@@ -670,6 +785,7 @@ def main():
rich_rule = module.params['rich_rule']
source = module.params['source']
zone = module.params['zone']
target = module.params['target']
if module.params['port'] is not None:
if '/' in module.params['port']:
@@ -681,6 +797,21 @@ def main():
else:
port = None
port_forward_toaddr = ''
port_forward = None
if module.params['port_forward'] is not None:
if len(module.params['port_forward']) > 1:
module.fail_json(msg='Only one port forward supported at a time')
port_forward = module.params['port_forward'][0]
if 'port' not in port_forward:
module.fail_json(msg='port must be specified for port forward')
if 'proto' not in port_forward:
module.fail_json(msg='proto udp/tcp must be specified for port forward')
if 'toport' not in port_forward:
module.fail_json(msg='toport must be specified for port forward')
if 'toaddr' in port_forward:
port_forward_toaddr = port_forward['toaddr']
modification_count = 0
if icmp_block is not None:
modification_count += 1
@@ -690,6 +821,8 @@ def main():
modification_count += 1
if port is not None:
modification_count += 1
if port_forward is not None:
modification_count += 1
if rich_rule is not None:
modification_count += 1
if interface is not None:
@@ -698,12 +831,14 @@ def main():
modification_count += 1
if source is not None:
modification_count += 1
if target is not None:
modification_count += 1
if modification_count > 1:
module.fail_json(
msg='can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once'
)
elif modification_count > 0 and desired_state in ['absent', 'present']:
elif (modification_count > 0) and (desired_state in ['absent', 'present']) and (target is None):
module.fail_json(
msg='absent and present state can only be used in zone level operations'
)
@@ -790,6 +925,29 @@ def main():
)
)
if port_forward is not None:
transaction = ForwardPortTransaction(
module,
action_args=(str(port_forward['port']), port_forward['proto'],
str(port_forward['toport']), port_forward_toaddr, timeout),
zone=zone,
desired_state=desired_state,
permanent=permanent,
immediate=immediate
)
changed, transaction_msgs = transaction.run()
msgs = msgs + transaction_msgs
if changed is True:
msgs.append(
"Changed port_forward %s to %s" % (
"port=%s:proto=%s:toport=%s:toaddr=%s" % (
port_forward['port'], port_forward['proto'],
port_forward['toport'], port_forward_toaddr
), desired_state
)
)
if rich_rule is not None:
transaction = RichRuleTransaction(
@@ -834,6 +992,20 @@ def main():
changed, transaction_msgs = transaction.run()
msgs = msgs + transaction_msgs
if target is not None:
transaction = ZoneTargetTransaction(
module,
action_args=(target,),
zone=zone,
desired_state=desired_state,
permanent=permanent,
immediate=immediate,
)
changed, transaction_msgs = transaction.run()
msgs = msgs + transaction_msgs
''' If there are no changes within the zone we are operating on the zone itself '''
if modification_count == 0 and desired_state in ['absent', 'present']:

391
plugins/modules/firewalld_info.py Normal file
View File

@@ -0,0 +1,391 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright: (c) 2021, Hideki Saito <saito@fgrep.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = r'''
---
module: firewalld_info
short_description: Gather information about firewalld
description:
- This module gathers information about firewalld rules.
options:
active_zones:
description: Gather information about active zones.
type: bool
default: no
zones:
description:
- Gather information about specific zones.
- If only works if C(active_zones) is set to C(false).
required: false
type: list
elements: str
requirements:
- firewalld >= 0.2.11
- python-firewall
- python-dbus
author:
- Hideki Saito (@saito-hideki)
'''
EXAMPLES = r'''
- name: Gather information about active zones
ansible.posix.firewalld_info:
active_zones: yes
- name: Gather information about specific zones
ansible.posix.firewalld_info:
zones:
- public
- external
- internal
'''
RETURN = r'''
active_zones:
description:
- Gather active zones only if turn it C(true).
returned: success
type: bool
sample: false
collected_zones:
description:
- A list of collected zones.
returned: success
type: list
sample: [external, internal]
undefined_zones:
description:
- A list of undefined zones in C(zones) option.
- C(undefined_zones) will be ignored for gathering process.
returned: success
type: list
sample: [foo, bar]
firewalld_info:
description:
- Returns various information about firewalld configuration.
returned: success
type: complex
contains:
version:
description:
- The version information of firewalld.
returned: success
type: str
sample: 0.8.2
default_zones:
description:
- The zone name of default zone.
returned: success
type: str
sample: public
zones:
description:
- A dict of zones to gather information.
returned: success
type: complex
contains:
zone:
description:
- The zone name registered in firewalld.
returned: success
type: complex
sample: external
contains:
target:
description:
- A list of services in the zone.
returned: success
type: str
sample: ACCEPT
icmp_block_inversion:
description:
- The ICMP block inversion to block
all ICMP requests.
returned: success
type: bool
sample: false
interfaces:
description:
- A list of network interfaces.
returned: success
type: list
sample:
- 'eth0'
- 'eth1'
sources:
description:
- A list of source network address.
returned: success
type: list
sample:
- '172.16.30.0/24'
- '172.16.31.0/24'
services:
description:
- A list of network services.
returned: success
type: list
sample:
- 'dhcp'
- 'dns'
- 'ssh'
ports:
description:
- A list of network port with protocol.
returned: success
type: list
sample:
- - "22"
- "tcp"
- - "80"
- "tcp"
protocols:
description:
- A list of network protocol.
returned: success
type: list
sample:
- "icmp"
- "ipv6-icmp"
forward:
description:
- The network interface forwarding.
- This parameter supports on python-firewall
0.9.0(or later) and is not collected in earlier
versions.
returned: success
type: bool
sample: false
masquerade:
description:
- The network interface masquerading.
returned: success
type: bool
sample: false
forward_ports:
description:
- A list of forwarding port pair with protocol.
returned: success
type: list
sample:
- "icmp"
- "ipv6-icmp"
source_ports:
description:
- A list of network source port with protocol.
returned: success
type: list
sample:
- - "30000"
- "tcp"
- - "30001"
- "tcp"
icmp_blocks:
description:
- A list of blocking icmp protocol.
returned: success
type: list
sample:
- "echo-request"
rich_rules:
description:
- A list of rich language rule.
returned: success
type: list
sample:
- "rule protocol value=\"icmp\" reject"
- "rule priority=\"32767\" reject"
'''
from ansible.module_utils.basic import AnsibleModule, missing_required_lib
from ansible.module_utils._text import to_native
from distutils.version import StrictVersion
try:
import dbus
HAS_DBUS = True
except ImportError:
HAS_DBUS = False
try:
import firewall.client as fw_client
import firewall.config as fw_config
HAS_FIREWALLD = True
except ImportError:
HAS_FIREWALLD = False
def get_version():
return fw_config.VERSION
def get_active_zones(client):
return client.getActiveZones().keys()
def get_all_zones(client):
return client.getZones()
def get_default_zone(client):
return client.getDefaultZone()
def get_zone_settings(client, zone):
return client.getZoneSettings(zone)
def get_zone_target(zone_settings):
return zone_settings.getTarget()
def get_zone_icmp_block_inversion(zone_settings):
return zone_settings.getIcmpBlockInversion()
def get_zone_interfaces(zone_settings):
return zone_settings.getInterfaces()
def get_zone_sources(zone_settings):
return zone_settings.getSources()
def get_zone_services(zone_settings):
return zone_settings.getServices()
def get_zone_ports(zone_settings):
return zone_settings.getPorts()
def get_zone_protocols(zone_settings):
return zone_settings.getProtocols()
# This function supports python-firewall 0.9.0(or later).
def get_zone_forward(zone_settings):
return zone_settings.getForward()
def get_zone_masquerade(zone_settings):
return zone_settings.getMasquerade()
def get_zone_forward_ports(zone_settings):
return zone_settings.getForwardPorts()
def get_zone_source_ports(zone_settings):
return zone_settings.getSourcePorts()
def get_zone_icmp_blocks(zone_settings):
return zone_settings.getIcmpBlocks()
def get_zone_rich_rules(zone_settings):
return zone_settings.getRichRules()
def main():
module_args = dict(
active_zones=dict(required=False, type='bool', default=False),
zones=dict(required=False, type='list', elements='str'),
)
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True,
)
firewalld_info = dict()
result = dict(
changed=False,
active_zones=module.params['active_zones'],
collected_zones=list(),
undefined_zones=list(),
warnings=list(),
)
# Exit with failure message if requirements modules are not installed.
if not HAS_DBUS:
module.fail_json(msg=missing_required_lib('python-dbus'))
if not HAS_FIREWALLD:
module.fail_json(msg=missing_required_lib('python-firewall'))
# If you want to show warning messages in the task running process,
# you can append the message to the 'warn' list.
warn = list()
try:
client = fw_client.FirewallClient()
# Gather general information of firewalld.
firewalld_info['version'] = get_version()
firewalld_info['default_zone'] = get_default_zone(client)
# Gather information for zones.
zones_info = dict()
collect_zones = list()
ignore_zones = list()
if module.params['active_zones']:
collect_zones = get_active_zones(client)
elif module.params['zones']:
all_zones = get_all_zones(client)
specified_zones = module.params['zones']
collect_zones = list(set(specified_zones) & set(all_zones))
ignore_zones = list(set(specified_zones) - set(collect_zones))
warn.append(
'Please note: zone:(%s) have been ignored in the gathering process.' % ','.join(ignore_zones))
else:
collect_zones = get_all_zones(client)
for zone in collect_zones:
# Gather settings for each zone based on the output of
# 'firewall-cmd --info-zone=<ZONE>' command.
zone_info = dict()
zone_settings = get_zone_settings(client, zone)
zone_info['target'] = get_zone_target(zone_settings)
zone_info['icmp_block_inversion'] = get_zone_icmp_block_inversion(zone_settings)
zone_info['interfaces'] = get_zone_interfaces(zone_settings)
zone_info['sources'] = get_zone_sources(zone_settings)
zone_info['services'] = get_zone_services(zone_settings)
zone_info['ports'] = get_zone_ports(zone_settings)
zone_info['protocols'] = get_zone_protocols(zone_settings)
zone_info['masquerade'] = get_zone_masquerade(zone_settings)
zone_info['forward_ports'] = get_zone_forward_ports(zone_settings)
zone_info['source_ports'] = get_zone_source_ports(zone_settings)
zone_info['icmp_blocks'] = get_zone_icmp_blocks(zone_settings)
zone_info['rich_rules'] = get_zone_rich_rules(zone_settings)
# The 'forward' parameter supports on python-firewall 0.9.0(or later).
if StrictVersion(firewalld_info['version']) >= StrictVersion('0.9.0'):
zone_info['forward'] = get_zone_forward(zone_settings)
zones_info[zone] = zone_info
firewalld_info['zones'] = zones_info
except AttributeError as e:
module.fail_json(msg=('firewalld probably not be running, Or the following method '
'is not supported with your python-firewall version. (Error: %s)') % to_native(e))
except dbus.exceptions.DBusException as e:
module.fail_json(msg=('Unable to gather firewalld settings.'
' You may need to run as the root user or'
' use become. (Error: %s)' % to_native(e)))
result['collected_zones'] = collect_zones
result['undefined_zones'] = ignore_zones
result['firewalld_info'] = firewalld_info
result['warnings'] = warn
module.exit_json(**result)
if __name__ == '__main__':
main()

63
plugins/modules/mount.py
View File

@@ -93,7 +93,13 @@ options:
boot:
description:
- Determines if the filesystem should be mounted on boot.
- Only applies to Solaris systems.
- Only applies to Solaris and Linux systems.
- For Solaris systems, C(true) will set C(yes) as the value of mount at boot
in I(/etc/vfstab).
- For Linux, FreeBSD, NetBSD and OpenBSD systems, C(false) will add C(noauto)
to mount options in I(/etc/fstab).
- To avoid mount option conflicts, if C(noauto) specified in C(opts),
mount module will ignore C(boot).
type: bool
default: yes
backup:
@@ -169,8 +175,16 @@ EXAMPLES = r'''
opts: rw,sync,hard,intr
state: mounted
fstype: nfs
'''
- name: Mount NFS volumes with noauto according to boot option
ansible.posix.mount:
src: 192.168.1.100:/nfs/ssd/shared_data
path: /mnt/shared_data
opts: rw,sync,hard,intr
boot: no
state: mounted
fstype: nfs
'''
import errno
import os
@@ -180,11 +194,15 @@ from ansible.module_utils.basic import AnsibleModule
from ansible_collections.ansible.posix.plugins.module_utils.mount import ismount
from ansible.module_utils.six import iteritems
from ansible.module_utils._text import to_bytes, to_native
from ansible.module_utils.parsing.convert_bool import boolean
def write_fstab(module, lines, path):
if module.params['backup']:
module.backup_local(path)
backup_file = module.backup_local(path)
else:
backup_file = ""
fs_w = open(path, 'w')
@@ -194,6 +212,8 @@ def write_fstab(module, lines, path):
fs_w.flush()
fs_w.close()
return backup_file
def _escape_fstab(v):
"""Escape invalid characters in fstab fields.
@@ -226,7 +246,7 @@ def _set_mount_save_old(module, args):
old_lines = []
exists = False
changed = False
escaped_args = dict([(k, _escape_fstab(v)) for k, v in iteritems(args)])
escaped_args = dict([(k, _escape_fstab(v)) for k, v in iteritems(args) if k != 'warnings'])
new_line = '%(src)s %(name)s %(fstype)s %(opts)s %(dump)s %(passno)s\n'
if platform.system() == 'SunOS':
@@ -316,7 +336,7 @@ def _set_mount_save_old(module, args):
changed = True
if changed and not module.check_mode:
write_fstab(module, to_write, args['fstab'])
args['backup_file'] = write_fstab(module, to_write, args['fstab'])
return (args['name'], old_lines, changed)
@@ -648,7 +668,7 @@ def main():
fstype=dict(type='str'),
path=dict(type='path', required=True, aliases=['name']),
opts=dict(type='str'),
passno=dict(type='str'),
passno=dict(type='str', no_log=False),
src=dict(type='path'),
backup=dict(type='bool', default=False),
state=dict(type='str', required=True, choices=['absent', 'mounted', 'present', 'unmounted', 'remounted']),
@@ -672,7 +692,8 @@ def main():
opts='-',
passno='-',
fstab=module.params['fstab'],
boot='yes'
boot='yes' if module.params['boot'] else 'no',
warnings=[]
)
if args['fstab'] is None:
args['fstab'] = '/etc/vfstab'
@@ -682,7 +703,9 @@ def main():
opts='defaults',
dump='0',
passno='0',
fstab=module.params['fstab']
fstab=module.params['fstab'],
boot='yes',
warnings=[]
)
if args['fstab'] is None:
args['fstab'] = '/etc/fstab'
@@ -691,6 +714,7 @@ def main():
if platform.system() == 'FreeBSD':
args['opts'] = 'rw'
args['backup_file'] = ""
linux_mounts = []
# Cache all mounts here in order we have consistent results if we need to
@@ -699,14 +723,27 @@ def main():
linux_mounts = get_linux_mounts(module)
if linux_mounts is None:
args['warnings'] = (
'Cannot open file /proc/self/mountinfo. '
'Bind mounts might be misinterpreted.')
args['warnings'].append('Cannot open file /proc/self/mountinfo.'
' Bind mounts might be misinterpreted.')
# Override defaults with user specified params
for key in ('src', 'fstype', 'passno', 'opts', 'dump', 'fstab'):
if module.params[key] is not None:
args[key] = module.params[key]
if platform.system().lower() == 'linux' or platform.system().lower().endswith('bsd'):
# Linux, FreeBSD, NetBSD and OpenBSD have 'noauto' as mount option to
# handle mount on boot. To avoid mount option conflicts, if 'noauto'
# specified in 'opts', mount module will ignore 'boot'.
opts = args['opts'].split(',')
if 'noauto' in opts:
args['warnings'].append("Ignore the 'boot' due to 'opts' contains 'noauto'.")
elif not module.params['boot']:
args['boot'] = 'no'
if 'defaults' in opts:
args['warnings'].append("Ignore the 'boot' due to 'opts' contains 'defaults'.")
else:
opts.append('noauto')
args['opts'] = ','.join(opts)
# If fstab file does not exist, we first need to create it. This mainly
# happens when fstab option is passed to the module.
@@ -834,6 +871,10 @@ def main():
else:
module.fail_json(msg='Unexpected position reached')
# If the managed node is Solaris, convert the boot value type to Boolean
# to match the type of return value with the module argument.
if platform.system().lower() == 'sunos':
args['boot'] = boolean(args['boot'])
module.exit_json(changed=changed, **args)

3
plugins/modules/seboolean.py
View File

@@ -7,7 +7,7 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
DOCUMENTATION = r'''
---
module: seboolean
short_description: Toggles SELinux booleans
@@ -19,6 +19,7 @@ options:
description:
- Name of the boolean to configure.
required: true
type: str
persistent:
description:
- Set to C(yes) if the boolean setting should survive a reboot.

7
plugins/modules/selinux.py
View File

@@ -20,17 +20,20 @@ version_added: "1.0.0"
options:
policy:
description:
- The name of the SELinux policy to use (e.g. C(targeted)) will be required if state is not C(disabled).
- The name of the SELinux policy to use (e.g. C(targeted)) will be required if I(state) is not C(disabled).
type: str
state:
description:
- The SELinux mode.
required: true
choices: [ disabled, enforcing, permissive ]
type: str
configfile:
description:
- The path to the SELinux configuration file, if non-standard.
default: /etc/selinux/config
aliases: [ conf, file ]
type: str
requirements: [ libselinux-python ]
author:
- Derek Carter (@goozbach) <goozbach@friocorte.com>
@@ -178,7 +181,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
policy=dict(type='str'),
state=dict(type='str', required='True', choices=['enforcing', 'permissive', 'disabled']),
state=dict(type='str', required=True, choices=['enforcing', 'permissive', 'disabled']),
configfile=dict(type='str', default='/etc/selinux/config', aliases=['conf', 'file']),
),
supports_check_mode=True,

68
plugins/modules/synchronize.py
View File

@@ -38,9 +38,8 @@ options:
description:
- Port number for ssh on the destination host.
- Prior to Ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.
- This parameter defaults to the value of C(ansible_ssh_port) or C(ansible_port),
the C(remote_port) config setting or the value from ssh client configuration
if none of the former have been set.
- This parameter defaults to the value of C(ansible_port), the C(remote_port) config setting
or the value from ssh client configuration if none of the former have been set.
type: int
mode:
description:
@@ -74,9 +73,9 @@ options:
default: no
delete:
description:
- Delete files in C(dest) that don't exist (after transfer, not before) in the C(src) path.
- This option requires C(recursive=yes).
- This option ignores excluded files and behaves like the rsync opt --delete-excluded.
- Delete files in I(dest) that do not exist (after transfer, not before) in the I(src) path.
- This option requires I(recursive=yes).
- This option ignores excluded files and behaves like the rsync opt C(--delete-after).
type: bool
default: no
dirs:
@@ -138,7 +137,19 @@ options:
default: yes
use_ssh_args:
description:
- Use the ssh_args specified in ansible.cfg.
- In Ansible 2.10 and lower, it uses the ssh_args specified in C(ansible.cfg).
- In Ansible 2.11 and onwards, when set to C(true), it uses all SSH connection configurations like
C(ansible_ssh_args), C(ansible_ssh_common_args), and C(ansible_ssh_extra_args).
type: bool
default: no
ssh_connection_multiplexing:
description:
- SSH connection multiplexing for rsync is disabled by default to prevent misconfigured ControlSockets from resulting in failed SSH connections.
This is accomplished by setting the SSH C(ControlSocket) to C(none).
- Set this option to C(yes) to allow multiplexing and reduce SSH connection overhead.
- Note that simply setting this option to C(yes) is not enough;
You must also configure SSH connection multiplexing in your SSH client config by setting values for
C(ControlMaster), C(ControlPersist) and C(ControlPath).
type: bool
default: no
rsync_opts:
@@ -147,6 +158,7 @@ options:
- Note that an empty string in C(rsync_opts) will end up transfer the current working directory.
type: list
default:
elements: str
partial:
description:
- Tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster.
@@ -166,6 +178,15 @@ options:
- Add a destination to hard link against during the rsync.
type: list
default:
elements: str
delay_updates:
description:
- This option puts the temporary file from each updated file into a holding directory until the end of the transfer,
at which time all the files are renamed into place in rapid succession.
type: bool
default: yes
version_added: '1.3.0'
notes:
- rsync must be installed on both the local and remote host.
- For the C(synchronize) module, the "local host" is the host `the synchronize task originates on`, and the "destination host" is the host
@@ -186,8 +207,8 @@ notes:
- Inspect the verbose output to validate the destination user/host/path are what was expected.
- To exclude files and directories from being synchronized, you may add C(.rsync-filter) files to the source directory.
- rsync daemon must be up and running with correct permission when using rsync protocol in source or destination path.
- The C(synchronize) module forces `--delay-updates` to avoid leaving a destination in a broken in-between state if the underlying rsync process
encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should call rsync directly.
- The C(synchronize) module enables `--delay-updates` by default to avoid leaving a destination in a broken in-between state if the underlying rsync process
encounters an error. Those synchronizing large numbers of files that are willing to trade safety for performance should disable this option.
- link_destination is subject to the same limitations as the underlying rsync daemon. Hard links are only preserved if the relative subtrees
of the source and destination are the same. Attempts to hardlink into a directory that is a subdirectory of the source will be prevented.
seealso:
@@ -314,7 +335,7 @@ EXAMPLES = r'''
# Specify the rsync binary to use on remote host and on local host
- hosts: groupofhosts
vars:
ansible_rsync_path: /usr/gnu/bin/rsync
ansible_rsync_path: /usr/gnu/bin/rsync
tasks:
- name: copy /tmp/localpath/ to remote location /tmp/remotepath
@@ -390,12 +411,14 @@ def main():
group=dict(type='bool'),
set_remote_user=dict(type='bool', default=True),
rsync_timeout=dict(type='int', default=0),
rsync_opts=dict(type='list', default=[]),
rsync_opts=dict(type='list', default=[], elements='str'),
ssh_args=dict(type='str'),
ssh_connection_multiplexing=dict(type='bool', default=False),
partial=dict(type='bool', default=False),
verify_host=dict(type='bool', default=False),
delay_updates=dict(type='bool', default=True),
mode=dict(type='str', default='push', choices=['pull', 'push']),
link_dest=dict(type='list')
link_dest=dict(type='list', elements='str'),
),
supports_check_mode=True,
)
@@ -432,13 +455,15 @@ def main():
group = module.params['group']
rsync_opts = module.params['rsync_opts']
ssh_args = module.params['ssh_args']
ssh_connection_multiplexing = module.params['ssh_connection_multiplexing']
verify_host = module.params['verify_host']
link_dest = module.params['link_dest']
delay_updates = module.params['delay_updates']
if '/' not in rsync:
rsync = module.get_bin_path(rsync, required=True)
cmd = [rsync, '--delay-updates', '-F']
cmd = [rsync]
_sshpass_pipe = None
if rsync_password:
try:
@@ -449,6 +474,9 @@ def main():
)
_sshpass_pipe = os.pipe()
cmd = ['sshpass', '-d' + to_native(_sshpass_pipe[0], errors='surrogate_or_strict')] + cmd
if delay_updates:
cmd.append('--delay-updates')
cmd.append('-F')
if compress:
cmd.append('--compress')
if rsync_timeout:
@@ -507,7 +535,9 @@ def main():
# if the user has not supplied an --rsh option go ahead and add ours
if not has_rsh:
ssh_cmd = [module.get_bin_path('ssh', required=True), '-S', 'none']
ssh_cmd = [module.get_bin_path('ssh', required=True)]
if not ssh_connection_multiplexing:
ssh_cmd.extend(['-S', 'none'])
if private_key is not None:
ssh_cmd.extend(['-i', private_key])
# If the user specified a port value
@@ -520,10 +550,10 @@ def main():
ssh_cmd_str = ' '.join(shlex_quote(arg) for arg in ssh_cmd)
if ssh_args:
ssh_cmd_str += ' %s' % ssh_args
cmd.append('--rsh=%s' % ssh_cmd_str)
cmd.append('--rsh=%s' % shlex_quote(ssh_cmd_str))
if rsync_path:
cmd.append('--rsync-path=%s' % rsync_path)
cmd.append('--rsync-path=%s' % shlex_quote(rsync_path))
if rsync_opts:
if '' in rsync_opts:
@@ -549,7 +579,7 @@ def main():
cmd.append('--link-dest=%s' % link_path)
changed_marker = '<<CHANGED>>'
cmd.append('--out-format=' + changed_marker + '%i %n%L')
cmd.append('--out-format=%s' % shlex_quote(changed_marker + '%i %n%L'))
# expand the paths
if '@' not in source:
@@ -573,10 +603,10 @@ def main():
raise
(rc, out, err) = module.run_command(
cmd, pass_fds=_sshpass_pipe,
cmdstr, pass_fds=_sshpass_pipe,
before_communicate_callback=_write_password_to_pipe)
else:
(rc, out, err) = module.run_command(cmd)
(rc, out, err) = module.run_command(cmdstr)
if rc:
return module.fail_json(msg=err, rc=rc, cmd=cmdstr)

15
plugins/modules/sysctl.py
View File

@@ -9,7 +9,7 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
DOCUMENTATION = r'''
---
module: sysctl
short_description: Manage entries in sysctl.conf.
@@ -19,18 +19,21 @@ version_added: "1.0.0"
options:
name:
description:
- The dot-separated path (aka I(key)) specifying the sysctl variable.
- The dot-separated path (also known as I(key)) specifying the sysctl variable.
required: true
aliases: [ 'key' ]
type: str
value:
description:
- Desired value of the sysctl key.
aliases: [ 'val' ]
type: str
state:
description:
- Whether the entry should be present or absent in the sysctl file.
choices: [ "present", "absent" ]
default: present
type: str
ignoreerrors:
description:
- Use this option to ignore errors about unknown keys.
@@ -47,12 +50,14 @@ options:
description:
- Specifies the absolute path to C(sysctl.conf), if not C(/etc/sysctl.conf).
default: /etc/sysctl.conf
type: path
sysctl_set:
description:
- Verify token value with the sysctl command and set with -w if necessary
type: bool
default: 'no'
author: "David CHANIAL (@davixx) <david.chanial@gmail.com>"
author:
- David CHANIAL (@davixx)
'''
EXAMPLES = r'''
@@ -182,12 +187,12 @@ class SysctlModule(object):
# Do the work
if not self.module.check_mode:
if self.set_proc:
self.set_token_value(self.args['name'], self.args['value'])
if self.write_file:
self.write_sysctl()
if self.changed and self.args['reload']:
self.reload_sysctl()
if self.set_proc:
self.set_token_value(self.args['name'], self.args['value'])
def _values_is_equal(self, a, b):
"""Expects two string values. It will split the string by whitespace

4
plugins/shell/csh.py
View File

@@ -26,6 +26,10 @@ class ShellModule(ShellBase):
# Family of shells this has. Must match the filename without extension
SHELL_FAMILY = 'csh'
# commonly used
ECHO = 'echo'
COMMAND_SEP = ';'
# How to end lines in a python script one-liner
_SHELL_EMBEDDED_PY_EOL = '\\\n'
_SHELL_REDIRECT_ALLNULL = '>& /dev/null'

4
shippable.yml
View File

@@ -22,7 +22,7 @@ matrix:
- env: T=2.9/linux/opensuse15/1
- env: T=2.9/linux/ubuntu1604/1
- env: T=2.9/linux/ubuntu1804/1
- env: T=2.10/aix/7.2/1
# - env: T=2.10/aix/7.2/1
- env: T=2.10/osx/10.11/1
- env: T=2.10/rhel/7.6/1
- env: T=2.10/rhel/8.2/1
@@ -37,7 +37,7 @@ matrix:
- env: T=2.10/linux/opensuse15/1
- env: T=2.10/linux/ubuntu1604/1
- env: T=2.10/linux/ubuntu1804/1
- env: T=devel/aix/7.2/1
# - env: T=devel/aix/7.2/1
- env: T=devel/osx/10.11/1
- env: T=devel/rhel/7.6/1
- env: T=devel/rhel/8.1/1

34
tests/integration/targets/authorized_key/tasks/check_mode.yml Normal file
View File

@@ -0,0 +1,34 @@
# -------------------------------------------------------------
# check mode
- name: CHECK MODE | copy an existing file in place with comments
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
- name: CHECK MODE | add key in check mode to validate return codes
authorized_key:
user: root
key: "{{ multiple_key_different_order_2 }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
check_mode: True
register: result
- name: CHECK MODE | assert that authorized_keys return values are consistent
assert:
that:
- 'result.changed == True'
- '"user" in result'
- '"key" in result'
- name: CHECK MODE | recopy authorized_keys to ensure it was not changed
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: CHECK MODE | assert that the authorized_keys file was not changed
assert:
that:
- 'result.changed == False'

50
tests/integration/targets/authorized_key/tasks/comments.yml Normal file
View File

@@ -0,0 +1,50 @@
# -------------------------------------------------------------
# comments
- name: Add rsa key with existing comment
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: Change the comment on an existing key
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
comment: user@acme.com
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC
changed_when: no
register: content
- name: Assert that comment on an existing key was changed
assert:
that:
- "'user@acme.com' in content.stdout"
- name: Set the same key with comment to ensure no changes are reported
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
comment: user@acme.com
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: Assert that no changes were made when running again
assert:
that:
- not result.changed
- debug:
var: "{{ item }}"
verbosity: 1
with_items:
- result
- content

486
tests/integration/targets/authorized_key/tasks/main.yml
View File

@@ -1,6 +1,6 @@
# test code for the authorized_key module
# (c) 2014, James Cammarata <jcammarata@ansible.com>
# - (c) 2014, James Cammarata <jcammarata@ansible.com>
# - (c) 2021, Hideki Saito <saito@fgrep.org>
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
@@ -16,479 +16,17 @@
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: Setup testing environment
import_tasks: setup_steps.yml
# -------------------------------------------------------------
# Setup steps
- name: Test for multiple keys handling
import_tasks: multiple_keys.yml
- name: Test for ssh-dss key handling
import_tasks: ssh_dss.yml
- name: copy an existing file in place with comments
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
- name: Test for check mode
import_tasks: check_mode.yml
- name: add multiple keys different order
authorized_key:
user: root
key: "{{ multiple_key_different_order_2 }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_existing
- name: assert that the key was added and comments and ordering preserved
assert:
that:
- 'result.changed == True'
- '"# I like candy" in multiple_keys_existing.stdout'
- '"# I like candy" in multiple_keys_existing.stdout_lines[0]'
- '"ssh-rsa DATA_BASIC 1@testing" in multiple_keys_existing.stdout'
# The specific index is a little fragile, but I want to verify the line shows up
# as the 3rd line in the new entries after the existing entries and comments are preserved
- '"ssh-rsa DATA_BASIC 1@testing" in multiple_keys_existing.stdout_lines[7]'
# start afresh
- name: remove file foo.txt
file:
path: "{{ output_dir | expanduser }}/authorized_keys"
state: absent
- name: touch the authorized_keys file
file:
dest: "{{ output_dir }}/authorized_keys"
state: touch
register: result
- name: assert that the authorized_keys file was created
assert:
that:
- 'result.changed == True'
- 'result.state == "file"'
- name: add multiple keys
authorized_key:
user: root
key: "{{ multiple_key_base }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_base'
- 'result.key_options == None'
- name: add multiple keys different order
authorized_key:
user: root
key: "{{ multiple_key_different_order }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_different_order'
- 'result.key_options == None'
- name: add multiple keys exclusive
authorized_key:
user: root
key: "{{ multiple_key_exclusive }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
exclusive: true
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_exclusive'
- 'result.key_options == None'
- name: add multiple keys in different calls
authorized_key:
user: root
key: "ecdsa-sha2-nistp521 ECDSA_DATA 4@testing"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: add multiple keys in different calls
authorized_key:
user: root
key: "ssh-rsa DATA_BASIC 1@testing"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_at_a_time
- name: assert that the key was added
assert:
that:
- 'result.changed == false'
- 'multiple_keys_at_a_time.stdout == multiple_key_exclusive.strip()'
- name: add multiple keys comment
authorized_key:
user: root
key: "{{ multiple_keys_comments }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
exclusive: true
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_comments
- name: assert that the keys exist and comment only lines were not added
assert:
that:
- 'result.changed == False'
- 'multiple_keys_comments.stdout == multiple_key_exclusive.strip()'
- 'result.key_options == None'
# -------------------------------------------------------------
# basic ssh-dss key
- name: add basic ssh-dss key
authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_basic'
- 'result.key_options == None'
- name: re-add basic ssh-dss key
authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with an unquoted option
- name: add ssh-dss key with an unquoted option
authorized_key:
user: root
key: "{{ dss_key_unquoted_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_unquoted_option'
- 'result.key_options == None'
- name: re-add ssh-dss key with an unquoted option
authorized_key:
user: root
key: "{{ dss_key_unquoted_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a leading command="/bin/foo"
- name: add ssh-dss key with a leading command
authorized_key:
user: root
key: "{{ dss_key_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command'
- 'result.key_options == None'
- name: re-add ssh-dss key with a leading command
authorized_key:
user: root
key: "{{ dss_key_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a complex quoted leading command
# ie. command="/bin/echo foo 'bar baz'"
- name: add ssh-dss key with a complex quoted leading command
authorized_key:
user: root
key: "{{ dss_key_complex_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_complex_command'
- 'result.key_options == None'
- name: re-add ssh-dss key with a complex quoted leading command
authorized_key:
user: root
key: "{{ dss_key_complex_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a command and a single option, which are
# in a comma-separated list
- name: add ssh-dss key with a command and a single option
authorized_key:
user: root
key: "{{ dss_key_command_single_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command_single_option'
- 'result.key_options == None'
- name: re-add ssh-dss key with a command and a single option
authorized_key:
user: root
key: "{{ dss_key_command_single_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a command and multiple other options
- name: add ssh-dss key with a command and multiple options
authorized_key:
user: root
key: "{{ dss_key_command_multiple_options }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command_multiple_options'
- 'result.key_options == None'
- name: re-add ssh-dss key with a command and multiple options
authorized_key:
user: root
key: "{{ dss_key_command_multiple_options }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with multiple trailing parts, which are space-
# separated and not quoted in any way
- name: add ssh-dss key with trailing parts
authorized_key:
user: root
key: "{{ dss_key_trailing }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_trailing'
- 'result.key_options == None'
- name: re-add ssh-dss key with trailing parts
authorized_key:
user: root
key: "{{ dss_key_trailing }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# basic ssh-dss key with mutliple permit-open options
# https://github.com/ansible/ansible-modules-core/issues/1715
- name: add basic ssh-dss key with multi-opts
authorized_key:
user: root
key: "{{ dss_key_basic }}"
key_options: 'no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001"'
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key with multi-opts was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_basic'
- 'result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\""'
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC
changed_when: no
register: content
- name: validate content
assert:
that:
- 'content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing"'
# -------------------------------------------------------------
# check mode
- name: CHECK MODE | copy an existing file in place with comments
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
- name: CHECK MODE | add key in check mode to validate return codes
authorized_key:
user: root
key: "{{ multiple_key_different_order_2 }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
check_mode: True
register: result
- name: CHECK MODE | assert that authorized_keys return values are consistent
assert:
that:
- 'result.changed == True'
- '"user" in result'
- '"key" in result'
- name: CHECK MODE | recopy authorized_keys to ensure it was not changed
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: CHECK MODE | assert that the authorized_keys file was not changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# comments
- name: Add rsa key with existing comment
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: Change the comment on an existing key
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
comment: user@acme.com
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC
changed_when: no
register: content
- name: Assert that comment on an existing key was changed
assert:
that:
- "'user@acme.com' in content.stdout"
- name: Set the same key with comment to ensure no changes are reported
authorized_key:
user: root
key: "{{ rsa_key_basic }}"
comment: user@acme.com
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: Assert that no changes were made when running again
assert:
that:
- not result.changed
- debug:
var: "{{ item }}"
verbosity: 1
with_items:
- result
- content
- name: Test for the management of comments with key
import_tasks: comments.yml

96
tests/integration/targets/authorized_key/tasks/multiple_keys.yml Normal file
View File

@@ -0,0 +1,96 @@
# -------------------------------------------------------------
# multiple keys
- name: add multiple keys
authorized_key:
user: root
key: "{{ multiple_key_base }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_base'
- 'result.key_options == None'
- name: add multiple keys different order
authorized_key:
user: root
key: "{{ multiple_key_different_order }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_different_order'
- 'result.key_options == None'
- name: add multiple keys exclusive
authorized_key:
user: root
key: "{{ multiple_key_exclusive }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
exclusive: true
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == multiple_key_exclusive'
- 'result.key_options == None'
- name: add multiple keys in different calls
authorized_key:
user: root
key: "ecdsa-sha2-nistp521 ECDSA_DATA 4@testing"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: add multiple keys in different calls
authorized_key:
user: root
key: "ssh-rsa DATA_BASIC 1@testing"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_at_a_time
- name: assert that the key was added
assert:
that:
- 'result.changed == false'
- 'multiple_keys_at_a_time.stdout == multiple_key_exclusive.strip()'
- name: add multiple keys comment
authorized_key:
user: root
key: "{{ multiple_keys_comments }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
exclusive: true
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_comments
- name: assert that the keys exist and comment only lines were not added
assert:
that:
- 'result.changed == False'
- 'multiple_keys_comments.stdout == multiple_key_exclusive.strip()'
- 'result.key_options == None'

50
tests/integration/targets/authorized_key/tasks/setup_steps.yml Normal file
View File

@@ -0,0 +1,50 @@
# -------------------------------------------------------------
# Setup steps
- name: copy an existing file in place with comments
copy:
src: existing_authorized_keys
dest: "{{ output_dir | expanduser }}/authorized_keys"
- name: add multiple keys different order
authorized_key:
user: root
key: "{{ multiple_key_different_order_2 }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys"
changed_when: no
register: multiple_keys_existing
- name: assert that the key was added and comments and ordering preserved
assert:
that:
- 'result.changed == True'
- '"# I like candy" in multiple_keys_existing.stdout'
- '"# I like candy" in multiple_keys_existing.stdout_lines[0]'
- '"ssh-rsa DATA_BASIC 1@testing" in multiple_keys_existing.stdout'
# The specific index is a little fragile, but I want to verify the line shows up
# as the 3rd line in the new entries after the existing entries and comments are preserved
- '"ssh-rsa DATA_BASIC 1@testing" in multiple_keys_existing.stdout_lines[7]'
# start afresh
- name: remove file foo.txt
file:
path: "{{ output_dir | expanduser }}/authorized_keys"
state: absent
- name: touch the authorized_keys file
file:
dest: "{{ output_dir }}/authorized_keys"
state: touch
register: result
- name: assert that the authorized_keys file was created
assert:
that:
- 'result.changed == True'
- 'result.state == "file"'

241
tests/integration/targets/authorized_key/tasks/ssh_dss.yml Normal file
View File

@@ -0,0 +1,241 @@
# -------------------------------------------------------------
# basic ssh-dss key
- name: add basic ssh-dss key
authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_basic'
- 'result.key_options == None'
- name: re-add basic ssh-dss key
authorized_key: user=root key="{{ dss_key_basic }}" state=present path="{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with an unquoted option
- name: add ssh-dss key with an unquoted option
authorized_key:
user: root
key: "{{ dss_key_unquoted_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_unquoted_option'
- 'result.key_options == None'
- name: re-add ssh-dss key with an unquoted option
authorized_key:
user: root
key: "{{ dss_key_unquoted_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a leading command="/bin/foo"
- name: add ssh-dss key with a leading command
authorized_key:
user: root
key: "{{ dss_key_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command'
- 'result.key_options == None'
- name: re-add ssh-dss key with a leading command
authorized_key:
user: root
key: "{{ dss_key_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a complex quoted leading command
# ie. command="/bin/echo foo 'bar baz'"
- name: add ssh-dss key with a complex quoted leading command
authorized_key:
user: root
key: "{{ dss_key_complex_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_complex_command'
- 'result.key_options == None'
- name: re-add ssh-dss key with a complex quoted leading command
authorized_key:
user: root
key: "{{ dss_key_complex_command }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a command and a single option, which are
# in a comma-separated list
- name: add ssh-dss key with a command and a single option
authorized_key:
user: root
key: "{{ dss_key_command_single_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command_single_option'
- 'result.key_options == None'
- name: re-add ssh-dss key with a command and a single option
authorized_key:
user: root
key: "{{ dss_key_command_single_option }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with a command and multiple other options
- name: add ssh-dss key with a command and multiple options
authorized_key:
user: root
key: "{{ dss_key_command_multiple_options }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_command_multiple_options'
- 'result.key_options == None'
- name: re-add ssh-dss key with a command and multiple options
authorized_key:
user: root
key: "{{ dss_key_command_multiple_options }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# ssh-dss key with multiple trailing parts, which are space-
# separated and not quoted in any way
- name: add ssh-dss key with trailing parts
authorized_key:
user: root
key: "{{ dss_key_trailing }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_trailing'
- 'result.key_options == None'
- name: re-add ssh-dss key with trailing parts
authorized_key:
user: root
key: "{{ dss_key_trailing }}"
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that nothing changed
assert:
that:
- 'result.changed == False'
# -------------------------------------------------------------
# basic ssh-dss key with mutliple permit-open options
# https://github.com/ansible/ansible-modules-core/issues/1715
- name: add basic ssh-dss key with multi-opts
authorized_key:
user: root
key: "{{ dss_key_basic }}"
key_options: 'no-agent-forwarding,no-X11-forwarding,permitopen="10.9.8.1:8080",permitopen="10.9.8.1:9001"'
state: present
path: "{{ output_dir | expanduser }}/authorized_keys"
register: result
- name: assert that the key with multi-opts was added
assert:
that:
- 'result.changed == True'
- 'result.key == dss_key_basic'
- 'result.key_options == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\""'
- name: get the file content
shell: cat "{{ output_dir | expanduser }}/authorized_keys" | fgrep DATA_BASIC
changed_when: no
register: content
- name: validate content
assert:
that:
- 'content.stdout == "no-agent-forwarding,no-X11-forwarding,permitopen=\"10.9.8.1:8080\",permitopen=\"10.9.8.1:9001\" ssh-dss DATA_BASIC root@testing"'

3
tests/integration/targets/firewalld/aliases
View File

@@ -1,6 +1,5 @@
destructive
shippable/posix/group3
shippable/posix/group1
skip/aix
skip/freebsd
skip/osx
disabled # fixme

24
tests/integration/targets/firewalld/tasks/main.yml
View File

@@ -1,20 +1,6 @@
# Test playbook for the firewalld module
# (c) 2017, Adam Miller <admiller@redhat.com>
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Run firewalld tests
block:
@@ -29,6 +15,13 @@
register: check_output
ignore_errors: true
- name: Enable dbus-broker daemon
service:
name: dbus-broker
enabled: true
state: started
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('34', '=='))
- name: Test Online Operations
block:
- name: start firewalld
@@ -54,3 +47,4 @@
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '=='))
# Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros
- not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3)
- not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('7', '==')) # FIXME

63
tests/integration/targets/firewalld/tasks/port_forward_test_cases.yml Normal file
View File

@@ -0,0 +1,63 @@
# Test playbook for the firewalld module - port operations
# (c) 2017, Adam Miller <admiller@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: firewalld port forward test permanent enabled
firewalld:
port_forward:
- port: 8080
proto: tcp
toport: 8081
permanent: true
state: enabled
register: result
- name: assert firewalld port test permanent enabled worked
assert:
that:
- result is changed
- name: firewalld port test permanent enabled rerun (verify not changed)
firewalld:
port_forward:
- port: 8080
proto: tcp
toport: 8081
permanent: true
state: enabled
register: result
- name: assert firewalld port test permanent enabled rerun worked (verify not changed)
assert:
that:
- result is not changed
- name: firewalld port test permanent disabled
firewalld:
port_forward:
- port: 8080
proto: tcp
toport: 8081
permanent: true
state: disabled
register: result
- name: assert firewalld port test permanent disabled worked
assert:
that:
- result is changed
- name: firewalld port test permanent disabled rerun (verify not changed)
firewalld:
port_forward:
- port: 8080
proto: tcp
toport: 8081
permanent: true
state: disabled
register: result
- name: assert firewalld port test permanent disabled rerun worked (verify not changed)
assert:
that:
- result is not changed

71
tests/integration/targets/firewalld/tasks/port_test_cases.yml
View File

@@ -1,20 +1,63 @@
# Test playbook for the firewalld module - port operations
# (c) 2017, Adam Miller <admiller@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: firewalld port range test permanent enabled
firewalld:
port: 5500-6950/tcp
permanent: true
state: enabled
register: result
- name: assert firewalld port range test permanent enabled worked
assert:
that:
- result is changed
- name: firewalld port range test permanent enabled rerun (verify not changed)
firewalld:
port: 5500-6950/tcp
permanent: true
state: enabled
register: result
- name: assert firewalld port range test permanent enabled rerun worked (verify not changed)
assert:
that:
- result is not changed
- name: firewalld port test permanent enabled
firewalld:
port: 6900/tcp
permanent: true
state: enabled
register: result
- name: assert firewalld port test permanent enabled worked
assert:
that:
- result is changed
- name: firewalld port test permanent enabled
firewalld:
port: 6900/tcp
permanent: true
state: enabled
register: result
- name: assert firewalld port test permanent enabled worked
assert:
that:
- result is not changed
- name: firewalld port test disabled
firewalld:
port: "{{ item }}"
permanent: true
state: disabled
loop:
- 6900/tcp
- 5500-6950/tcp
- name: firewalld port test permanent enabled
firewalld:

23
tests/integration/targets/firewalld/tasks/run_all_tests.yml
View File

@@ -1,20 +1,6 @@
# Test playbook for the firewalld module
# (c) 2017, Adam Miller <admiller@redhat.com>
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Ensure /run/firewalld exists
file:
@@ -23,13 +9,12 @@
# firewalld service operation test cases
- include_tasks: service_test_cases.yml
# Skipping on CentOS 8 due to https://github.com/ansible/ansible/issues/64750
when: not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('8', '=='))
# firewalld port operation test cases
- include_tasks: port_test_cases.yml
# Skipping on CentOS 8 due to https://github.com/ansible/ansible/issues/64750
when: not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('8', '=='))
# firewalld source operation test cases
- import_tasks: source_test_cases.yml
# firewalld zone target operation test cases
- import_tasks: zone_target_test_cases.yml

121
tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml Normal file
View File

@@ -0,0 +1,121 @@
# Test playbook for the firewalld module - source operations
# (c) 2020, Adam Miller <admiller@redhat.com>
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- name: firewalld dmz zone target DROP
firewalld:
zone: dmz
permanent: True
state: present
target: DROP
register: result
- name: assert firewalld dmz zone target DROP present worked
assert:
that:
- result is changed
- name: firewalld dmz zone target DROP rerun (verify not changed)
firewalld:
zone: dmz
permanent: True
state: present
target: DROP
register: result
- name: assert firewalld dmz zone target DROP present worked (verify not changed)
assert:
that:
- result is not changed
- name: firewalld dmz zone target DROP absent
firewalld:
zone: dmz
permanent: True
state: absent
target: DROP
register: result
- name: assert firewalld dmz zone target DROP absent worked
assert:
that:
- result is changed
- name: firewalld dmz zone target DROP rerun (verify not changed)
firewalld:
zone: dmz
permanent: True
state: absent
target: DROP
register: result
- name: assert firewalld dmz zone target DROP present worked (verify not changed)
assert:
that:
- result is not changed
- name: firewalld dmz zone target %%REJECT%%
firewalld:
zone: dmz
permanent: True
state: present
target: '%%REJECT%%'
register: result
- name: assert firewalld dmz zone target %%REJECT%% present worked
assert:
that:
- result is changed
- name: firewalld dmz zone target %%REJECT%% rerun (verify not changed)
firewalld:
zone: dmz
permanent: True
state: present
target: '%%REJECT%%'
register: result
- name: assert firewalld dmz zone target %%REJECT%% present worked (verify not changed)
assert:
that:
- result is not changed
- name: firewalld dmz zone target %%REJECT%% absent
firewalld:
zone: dmz
permanent: True
state: absent
target: '%%REJECT%%'
register: result
- name: assert firewalld dmz zone target %%REJECT%% absent worked
assert:
that:
- result is changed
- name: firewalld dmz zone target %%REJECT%% rerun (verify not changed)
firewalld:
zone: dmz
permanent: True
state: absent
target: '%%REJECT%%'
register: result
- name: assert firewalld dmz zone target %%REJECT%% present worked (verify not changed)
assert:
that:
- result is not changed

5
tests/integration/targets/firewalld_info/aliases Normal file
View File

@@ -0,0 +1,5 @@
destructive
shippable/posix/group3
skip/aix
skip/freebsd
skip/osx

52
tests/integration/targets/firewalld_info/tasks/main.yml Normal file
View File

@@ -0,0 +1,52 @@
# Test playbook for the firewalld_info module
# (c) 2021, Hideki Saito <saito@fgrep.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# This test is based on the integration test playbook for firewalld module.
- name: Run firewalld tests
block:
- name: Ensure firewalld is installed
package:
name: firewalld
state: present
# This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6
- name: Check to make sure the firewalld python module is available.
shell: "{{ansible_python.executable}} -c 'import firewall'"
register: check_output_firewall
ignore_errors: true
- name: Check to make sure the dbus python module is available.
shell: "{{ansible_python.executable}} -c 'import dbus'"
register: check_output_dbus
ignore_errors: true
- name: Test Online Operations
block:
- name: start firewalld
service:
name: firewalld
state: started
- import_tasks: run_tests_in_started.yml
when:
- check_output_firewall.rc == 0
- check_output_dbus.rc == 0
- name: Test Offline Operations
block:
- name: stop firewalld
service:
name: firewalld
state: stopped
- import_tasks: run_tests_in_stopped.yml
when:
- check_output_firewall.rc == 0
- check_output_dbus.rc == 0
when:
- ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=')
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '=='))
# Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros
- not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3)

32
tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml Normal file
View File

@@ -0,0 +1,32 @@
# Test playbook for the firewalld_info module
# (c) 2021, Hideki Saito <saito@fgrep.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Ensure firewalld_info without options
firewalld_info:
register: result
- name: Assert collected_zones and undefined_zones
assert:
that:
- 'result.collected_zones and not result.undefined_zones'
- name: Ensure firewalld_info with active_zones
firewalld_info:
active_zones: yes
register: result
- name: Assert turn active_zones true
assert:
that:
- name: Ensure firewalld_zones with zone list
firewalld_info:
zones:
- public
- invalid_zone
register: result
- name: Assert specified zones
assert:
that:

40
tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml Normal file
View File

@@ -0,0 +1,40 @@
# Test playbook for the firewalld_info module
# (c) 2021, Hideki Saito <saito@fgrep.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Ensure firewalld_info without options
firewalld_info:
register: result
ignore_errors: yes
- name: Assert firewalld_info fails if firewalld is not running.
assert:
that:
- result.failed
- "'firewalld probably not be running,' in result.msg"
- name: Ensure firewalld_info with active_zones
firewalld_info:
active_zones: yes
register: result
ignore_errors: yes
- name: Assert firewalld_info with active_zones fails if firewalld is not running.
assert:
that:
- result.failed
- "'firewalld probably not be running,' in result.msg"
- name: Ensure firewalld_zones with zone list
firewalld_info:
zones:
- public
- invalid_zone
register: result
ignore_errors: yes
- name: Assert firewalld_info with zones list fails if firewalld is not running.
assert:
that:
- result.failed
- "'firewalld probably not be running,' in result.msg"

333
tests/integration/targets/mount/tasks/main.yml
View File

@@ -2,10 +2,12 @@
file:
state: directory
path: '{{ output_dir }}/mount_dest'
- name: Create a directory to bind mount
file:
state: directory
path: '{{ output_dir }}/mount_source'
- name: Put something in the directory so we see that it worked
copy:
content: 'Testing
@@ -13,6 +15,7 @@
'
dest: '{{ output_dir }}/mount_source/test_file'
register: orig_info
- name: Bind mount a filesystem (Linux)
mount:
src: '{{ output_dir }}/mount_source'
@@ -22,6 +25,7 @@
opts: bind
when: ansible_system == 'Linux'
register: bind_result_linux
- name: Bind mount a filesystem (FreeBSD)
mount:
src: '{{ output_dir }}/mount_source'
@@ -30,11 +34,13 @@
fstype: nullfs
when: ansible_system == 'FreeBSD'
register: bind_result_freebsd
- name: get checksum for bind mounted file
stat:
path: '{{ output_dir }}/mount_dest/test_file'
when: ansible_system in ('FreeBSD', 'Linux')
register: dest_stat
- name: assert the bind mount was successful
assert:
that:
@@ -42,6 +48,7 @@
- dest_stat['stat']['exists']
- orig_info['checksum'] == dest_stat['stat']['checksum']
when: ansible_system in ('FreeBSD', 'Linux')
- name: Bind mount a filesystem (Linux)
mount:
src: '{{ output_dir }}/mount_source'
@@ -51,6 +58,7 @@
opts: bind
when: ansible_system == 'Linux'
register: bind_result_linux
- name: Bind mount a filesystem (FreeBSD)
mount:
src: '{{ output_dir }}/mount_source'
@@ -59,11 +67,13 @@
fstype: nullfs
when: ansible_system == 'FreeBSD'
register: bind_result_freebsd
- name: Make sure we didn't mount a second time
assert:
that:
- (ansible_system == 'Linux' and not bind_result_linux['changed']) or (ansible_system == 'FreeBSD' and not bind_result_freebsd['changed'])
when: ansible_system in ('FreeBSD', 'Linux')
- name: Remount filesystem with different opts (Linux)
mount:
src: '{{ output_dir }}/mount_source'
@@ -73,6 +83,7 @@
opts: bind,ro
when: ansible_system == 'Linux'
register: bind_result_linux
- name: Remount filesystem with different opts (FreeBSD)
mount:
src: '{{ output_dir }}/mount_source'
@@ -82,9 +93,11 @@
opts: ro
when: ansible_system == 'FreeBSD'
register: bind_result_freebsd
- name: Get mount options
shell: mount | grep mount_dest | grep -E -w '(ro|read-only)' | wc -l
register: remount_options
- name: Make sure the filesystem now has the new opts
assert:
that:
@@ -92,192 +105,213 @@
- '''1'' in remount_options.stdout'
- 1 == remount_options.stdout_lines | length
when: ansible_system in ('FreeBSD', 'Linux')
- name: Unmount the bind mount
mount:
name: '{{ output_dir }}/mount_dest'
state: absent
when: ansible_system in ('Linux', 'FreeBSD')
register: unmount_result
- name: Make sure the file no longer exists in dest
stat:
path: '{{ output_dir }}/mount_dest/test_file'
when: ansible_system in ('FreeBSD', 'Linux')
register: dest_stat
- name: Check that we unmounted
assert:
that:
- unmount_result['changed']
- not dest_stat['stat']['exists']
when: ansible_system in ('FreeBSD', 'Linux')
- name: Create fstab record for the first swap file
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap1_created
when: ansible_system in ('Linux')
- name: Try to create fstab record for the first swap file again
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap1_created_again
when: ansible_system in ('Linux')
- name: Check that we created the swap1 record
assert:
that:
- swap1_created['changed']
- not swap1_created_again['changed']
when: ansible_system in ('Linux')
- name: Create fstab record for the second swap file
mount:
name: none
src: /tmp/swap2
opts: sw
fstype: swap
state: present
register: swap2_created
when: ansible_system in ('Linux')
- name: Try to create fstab record for the second swap file again
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap2_created_again
when: ansible_system in ('Linux')
- name: Check that we created the swap2 record
assert:
that:
- swap2_created['changed']
- not swap2_created_again['changed']
when: ansible_system in ('Linux')
- name: Remove the fstab record for the first swap file
mount:
name: none
src: /tmp/swap1
state: absent
register: swap1_removed
when: ansible_system in ('Linux')
- name: Try to remove the fstab record for the first swap file again
mount:
name: none
src: /tmp/swap1
state: absent
register: swap1_removed_again
when: ansible_system in ('Linux')
- name: Check that we removed the swap1 record
assert:
that:
- swap1_removed['changed']
- not swap1_removed_again['changed']
when: ansible_system in ('Linux')
- name: Remove the fstab record for the second swap file
mount:
name: none
src: /tmp/swap2
state: absent
register: swap2_removed
when: ansible_system in ('Linux')
- name: Try to remove the fstab record for the second swap file again
mount:
name: none
src: /tmp/swap2
state: absent
register: swap2_removed_again
when: ansible_system in ('Linux')
- name: Check that we removed the swap2 record
assert:
that:
- swap2_removed['changed']
- not swap2_removed_again['changed']
when: ansible_system in ('Linux')
- name: Create fstab record with missing last two fields
copy:
dest: /etc/fstab
content: '//nas/photo /home/jik/pictures cifs defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev
'
when: ansible_system in ('Linux')
- name: Try to change the fstab record with the missing last two fields
mount:
src: //nas/photo
path: /home/jik/pictures
fstype: cifs
opts: defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev,x-systemd.mount-timeout=0
state: present
register: optional_fields_update
when: ansible_system in ('Linux')
- name: Get the content of the fstab file
shell: cat /etc/fstab
register: optional_fields_content
when: ansible_system in ('Linux')
- name: Check if the line containing the missing last two fields was changed
assert:
that:
- optional_fields_update['changed']
- ''' 0 0'' in optional_fields_content.stdout'
- 1 == optional_fields_content.stdout_lines | length
when: ansible_system in ('Linux')
- name: Block to test remounted option
block:
- name: Create fstab record for the first swap file
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap1_created
- name: Try to create fstab record for the first swap file again
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap1_created_again
- name: Check that we created the swap1 record
assert:
that:
- swap1_created['changed']
- not swap1_created_again['changed']
- name: Create fstab record for the second swap file
mount:
name: none
src: /tmp/swap2
opts: sw
fstype: swap
state: present
register: swap2_created
- name: Try to create fstab record for the second swap file again
mount:
name: none
src: /tmp/swap1
opts: sw
fstype: swap
state: present
register: swap2_created_again
- name: Check that we created the swap2 record
assert:
that:
- swap2_created['changed']
- not swap2_created_again['changed']
- name: Remove the fstab record for the first swap file
mount:
name: none
src: /tmp/swap1
state: absent
register: swap1_removed
- name: Try to remove the fstab record for the first swap file again
mount:
name: none
src: /tmp/swap1
state: absent
register: swap1_removed_again
- name: Check that we removed the swap1 record
assert:
that:
- swap1_removed['changed']
- not swap1_removed_again['changed']
- name: Remove the fstab record for the second swap file
mount:
name: none
src: /tmp/swap2
state: absent
register: swap2_removed
- name: Try to remove the fstab record for the second swap file again
mount:
name: none
src: /tmp/swap2
state: absent
register: swap2_removed_again
- name: Check that we removed the swap2 record
assert:
that:
- swap2_removed['changed']
- not swap2_removed_again['changed']
- name: Create fstab record with missing last two fields
copy:
dest: /etc/fstab
content: '//nas/photo /home/jik/pictures cifs defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev
'
- name: Try to change the fstab record with the missing last two fields
mount:
src: //nas/photo
path: /home/jik/pictures
fstype: cifs
opts: defaults,credentials=/etc/security/nas.creds,uid=jik,gid=users,forceuid,forcegid,noserverino,_netdev,x-systemd.mount-timeout=0
state: present
register: optional_fields_update
- name: Get the content of the fstab file
shell: cat /etc/fstab
register: optional_fields_content
- name: Check if the line containing the missing last two fields was changed
assert:
that:
- optional_fields_update['changed']
- ''' 0 0'' in optional_fields_content.stdout'
- 1 == optional_fields_content.stdout_lines | length
- name: Create empty file
command: dd if=/dev/zero of=/tmp/myfs.img bs=1048576 count=20
when: ansible_system in ('Linux')
community.general.filesize:
path: /tmp/myfs.img
size: 20M
- name: Format FS
when: ansible_system in ('Linux')
community.general.system.filesystem:
community.general.filesystem:
fstype: ext3
dev: /tmp/myfs.img
- name: Mount the FS for the first time
mount:
path: /tmp/myfs
src: /tmp/myfs.img
fstype: ext2
state: mounted
when: ansible_system in ('Linux')
- name: Get the last write time
shell: 'dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i last write time: |cut -d: -f2-'
register: last_write_time
when: ansible_system in ('Linux')
- name: Wait 2 second
pause:
seconds: 2
when: ansible_system in ('Linux')
- name: Test if the FS is remounted
mount:
path: /tmp/myfs
state: remounted
when: ansible_system in ('Linux')
- name: Get again the last write time
shell: 'dumpe2fs /tmp/myfs.img 2>/dev/null | grep -i last write time: |cut -d: -f2-'
register: last_write_time2
when: ansible_system in ('Linux')
- name: Fail if they are the same
fail:
msg: Filesytem was not remounted, testing of the module failed!
when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout and ansible_system in ('Linux')
when: last_write is defined and last_write_time2 is defined and last_write_time.stdout == last_write_time2.stdout
- name: Remount filesystem with different opts using remounted option (Linux only)
mount:
path: /tmp/myfs
state: remounted
opts: rw,noexec
when: ansible_system == 'Linux'
- name: Get remounted options (Linux only)
shell: mount | grep myfs | grep -E -w 'noexec' | wc -l
register: remounted_options
when: ansible_system == 'Linux'
- name: Make sure the filesystem now has the new opts after using remounted (Linux only)
assert:
that:
- "'1' in remounted_options.stdout"
- "1 == remounted_options.stdout_lines | length"
when: ansible_system == 'Linux'
- name: Mount the FS again to test backup
mount:
path: /tmp/myfs
src: /tmp/myfs.img
fstype: ext2
state: mounted
backup: yes
register: mount_backup_out
- name: ensure backup_file in returned output
assert:
that:
- "'backup_file' in mount_backup_out"
always:
- name: Umount the test FS
mount:
@@ -285,7 +319,7 @@
src: /tmp/myfs.img
opts: loop
state: absent
when: ansible_system in ('Linux')
- name: Remove the test FS
file:
path: '{{ item }}'
@@ -293,4 +327,45 @@
loop:
- /tmp/myfs.img
- /tmp/myfs
when: ansible_system in ('Linux')
when: ansible_system in ('Linux')
- name: Block to test boot option for Linux
block:
- name: Create empty file
community.general.filesize:
path: /tmp/myfs.img
size: 20M
- name: Format FS
community.general.filesystem:
fstype: ext3
dev: /tmp/myfs.img
- name: Mount the FS with noauto option
mount:
path: /tmp/myfs
src: /tmp/myfs.img
fstype: ext3
state: mounted
boot: no
opts: rw,user,async
register: mount_info
- name: assert the mount without noauto was successful
assert:
that:
- mount_info['opts'] == 'rw,user,async,noauto'
- name: Unmount FS
mount:
path: /tmp/myfs
state: absent
- name: Remove the test FS
file:
path: '{{ item }}'
state: absent
loop:
- /tmp/myfs.img
- /tmp/myfs
when: ansible_system in ('Linux')

14
tests/integration/targets/selinux/tasks/selinux.yml
View File

@@ -48,9 +48,17 @@
var: _disable_test1
verbosity: 1
- name: Before gathering the fact
debug:
msg: "{{ ansible_selinux }}"
- name: TEST 1 | Re-gather facts
setup:
- name: After gathering the fact
debug:
msg: "{{ ansible_selinux }}"
- name: TEST 1 | Assert that status was changed, reboot_required is True, a warning was displayed, and SELinux is configured properly
assert:
that:
@@ -74,7 +82,7 @@
var: _disable_test2
verbosity: 1
- name: TEST 1 | Assert that no change is reported, a warnking was dispalyed, and reboot_required is True
- name: TEST 1 | Assert that no change is reported, a warning was displayed, and reboot_required is True
assert:
that:
- _disable_test2 is not changed
@@ -147,7 +155,7 @@
var: _state_test2
verbosity: 1
- name: TEST 2 | Assert that no change was reported, no warnings were dispalyed, and reboot_required is False
- name: TEST 2 | Assert that no change was reported, no warnings were displayed, and reboot_required is False
assert:
that:
- _state_test2 is not changed
@@ -380,7 +388,7 @@
var: _lineinfile_out1
verbosity: 1
- name: TEST 5 | Set SELinux to enforcing
- name: TEST 5 | Set SELinux to enforcing
selinux:
state: enforcing
policy: targeted

17
tests/integration/targets/setup_pkg_mgr/tasks/main.yml Normal file
View File

@@ -0,0 +1,17 @@
---
####################################################################
# WARNING: These are designed specifically for Ansible tests #
# and should not be used as examples of how to write Ansible roles #
####################################################################
- set_fact:
pkg_mgr: community.general.pkgng
ansible_pkg_mgr: community.general.pkgng
cacheable: yes
when: ansible_os_family == "FreeBSD"
- set_fact:
pkg_mgr: community.general.zypper
ansible_pkg_mgr: community.general.zypper
cacheable: yes
when: ansible_os_family == "Suse"

1
tests/integration/targets/synchronize/aliases
View File

@@ -1,2 +1 @@
shippable/posix/group1
disabled # fixme package

23
tests/integration/targets/sysctl/tasks/main.yml
View File

@@ -22,7 +22,7 @@
- name: Test inside Docker
when:
- ansible_facts.virtualization_type == 'docker'
- ansible_facts.virtualization_type == 'docker' or ansible_facts.virtualization_type == 'container'
block:
- set_fact:
output_dir_test: "{{ output_dir }}/test_sysctl"
@@ -289,3 +289,24 @@
- sysctl_check_mode2 is changed
- "'vm.swappiness=22' in sysctl_check_mode_conf_content.stdout_lines"
- sysctl_check_mode_current_vm_swappiness.stdout == '22'
# Test sysctl: invalid value
- name: Set invalid sysctl property using module
sysctl:
name: vm.mmap_rnd_bits
value: '1024'
state: present
reload: yes
sysctl_set: True
ignore_errors: True
register: sysctl_invalid_set1
- name: Read /etc/sysctl.conf
command: 'cat /etc/sysctl.conf'
register: sysctl_invalid_conf_content
- name: Ensure changes were not made
assert:
that:
- sysctl_invalid_set1 is failed
- "'vm.mmap_rnd_bits' not in sysctl_invalid_conf_content.stdout"

26
tests/sanity/ignore-2.10.txt
View File

@@ -1,34 +1,8 @@
plugins/module_utils/firewalld.py future-import-boilerplate
plugins/module_utils/firewalld.py metaclass-boilerplate
plugins/module_utils/mount.py future-import-boilerplate
plugins/module_utils/mount.py metaclass-boilerplate
plugins/modules/acl.py validate-modules:parameter-type-not-in-doc
plugins/modules/patch.py pylint:blacklisted-name
plugins/modules/synchronize.py pylint:blacklisted-name
plugins/modules/synchronize.py use-argspec-type-path
plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec
plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented
plugins/modules/synchronize.py validate-modules:parameter-list-no-elements
plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc
plugins/modules/synchronize.py validate-modules:undocumented-parameter
plugins/modules/at.py validate-modules:doc-required-mismatch
plugins/modules/authorized_key.py validate-modules:parameter-type-not-in-doc
plugins/modules/seboolean.py validate-modules:parameter-type-not-in-doc
plugins/modules/selinux.py validate-modules:invalid-ansiblemodule-schema
plugins/modules/selinux.py validate-modules:parameter-type-not-in-doc
plugins/modules/sysctl.py validate-modules:doc-missing-type
plugins/modules/sysctl.py validate-modules:parameter-type-not-in-doc
tests/unit/mock/path.py future-import-boilerplate
tests/unit/mock/path.py metaclass-boilerplate
tests/unit/mock/yaml_helper.py future-import-boilerplate
tests/unit/mock/yaml_helper.py metaclass-boilerplate
tests/unit/modules/conftest.py future-import-boilerplate
tests/unit/modules/conftest.py metaclass-boilerplate
tests/unit/modules/system/test_mount.py future-import-boilerplate
tests/unit/modules/system/test_mount.py metaclass-boilerplate
tests/unit/modules/utils.py future-import-boilerplate
tests/unit/modules/utils.py metaclass-boilerplate
tests/unit/plugins/action/test_synchronize.py future-import-boilerplate
tests/unit/plugins/action/test_synchronize.py metaclass-boilerplate
tests/utils/shippable/check_matrix.py replace-urlopen
tests/utils/shippable/timing.py shebang

8
tests/sanity/ignore-2.11.txt Normal file
View File

@@ -0,0 +1,8 @@
plugins/modules/synchronize.py pylint:blacklisted-name
plugins/modules/synchronize.py use-argspec-type-path
plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec
plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented
plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc
plugins/modules/synchronize.py validate-modules:undocumented-parameter
tests/utils/shippable/check_matrix.py replace-urlopen
tests/utils/shippable/timing.py shebang

8
tests/sanity/ignore-2.12.txt Normal file
View File

@@ -0,0 +1,8 @@
plugins/modules/synchronize.py pylint:blacklisted-name
plugins/modules/synchronize.py use-argspec-type-path
plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec
plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented
plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc
plugins/modules/synchronize.py validate-modules:undocumented-parameter
tests/utils/shippable/check_matrix.py replace-urlopen
tests/utils/shippable/timing.py shebang

22
tests/sanity/ignore-2.9.txt
View File

@@ -1,30 +1,8 @@
plugins/module_utils/firewalld.py future-import-boilerplate
plugins/module_utils/firewalld.py metaclass-boilerplate
plugins/module_utils/mount.py future-import-boilerplate
plugins/module_utils/mount.py metaclass-boilerplate
plugins/modules/acl.py validate-modules:parameter-type-not-in-doc
plugins/modules/synchronize.py pylint:blacklisted-name
plugins/modules/synchronize.py use-argspec-type-path
plugins/modules/synchronize.py validate-modules:doc-default-does-not-match-spec
plugins/modules/synchronize.py validate-modules:nonexistent-parameter-documented
plugins/modules/synchronize.py validate-modules:parameter-type-not-in-doc
plugins/modules/synchronize.py validate-modules:undocumented-parameter
plugins/modules/authorized_key.py validate-modules:parameter-type-not-in-doc
plugins/modules/seboolean.py validate-modules:parameter-type-not-in-doc
plugins/modules/selinux.py validate-modules:parameter-type-not-in-doc
plugins/modules/sysctl.py validate-modules:doc-missing-type
plugins/modules/sysctl.py validate-modules:parameter-type-not-in-doc
tests/unit/mock/path.py future-import-boilerplate
tests/unit/mock/path.py metaclass-boilerplate
tests/unit/mock/yaml_helper.py future-import-boilerplate
tests/unit/mock/yaml_helper.py metaclass-boilerplate
tests/unit/modules/conftest.py future-import-boilerplate
tests/unit/modules/conftest.py metaclass-boilerplate
tests/unit/modules/system/test_mount.py future-import-boilerplate
tests/unit/modules/system/test_mount.py metaclass-boilerplate
tests/unit/modules/utils.py future-import-boilerplate
tests/unit/modules/utils.py metaclass-boilerplate
tests/unit/plugins/action/test_synchronize.py future-import-boilerplate
tests/unit/plugins/action/test_synchronize.py metaclass-boilerplate
tests/utils/shippable/check_matrix.py replace-urlopen
tests/utils/shippable/timing.py shebang

4
tests/sanity/requirements.txt
View File

@@ -1,4 +0,0 @@
packaging # needed for update-bundled and changelog
sphinx ; python_version >= '3.5' # docs build requires python 3+
sphinx-notfound-page ; python_version >= '3.5' # docs build requires python 3+
straight.plugin ; python_version >= '3.5' # needed for hacking/build-ansible.py which will host changelog generation and requires python 3+

4
tests/unit/mock/path.py
View File

@@ -1,3 +1,7 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
from ansible_collections.ansible.posix.tests.unit.compat.mock import MagicMock
from ansible.utils.path import unfrackpath

4
tests/unit/mock/yaml_helper.py
View File

@@ -1,3 +1,7 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import io
import yaml

4
tests/unit/modules/conftest.py
View File

@@ -1,6 +1,10 @@
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import json
import pytest

4
tests/unit/modules/system/test_mount.py
View File

@@ -1,3 +1,7 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import os
import tempfile

4
tests/unit/modules/utils.py
View File

@@ -1,3 +1,7 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import json
from ansible_collections.ansible.posix.tests.unit.compat import unittest

Some files were not shown because too many files have changed in this diff Show More