Merge pull request #675 from saito-hideki/stable-1_pr673

[Backport][stable-1][CI]Update AZP CI matrix for stable-1

SUMMARY
Update the AZP CI matrix to bump the test container version to 7.0.0.

See more details in #673

ISSUE TYPE

CI Pull Request

COMPONENT NAME

ansible.posix

ADDITIONAL INFORMATION
None

.azure-pipelines/azure-pipelines.yml

@@ -37,13 +37,13 @@ variables:
 resources:
   containers:
     - container: default
-      image: quay.io/ansible/azure-pipelines-test-container:6.0.0
+      image: quay.io/ansible/azure-pipelines-test-container:7.0.0
 
 pool: Standard
 
 stages:
   - stage: Sanity_devel
-    displayName: Ansible devel sanity
+    displayName: Ansible devel sanity & Units & Lint
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -57,8 +57,23 @@ stages:
               test: units
             - name: Lint
               test: lint
+  - stage: Sanity_2_19
+    displayName: Ansible 2.19 sanity & Units & Lint
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: "{0}"
+          testFormat: 2.19/{0}
+          targets:
+            - name: Sanity
+              test: sanity
+            - name: Units
+              test: units
+            - name: Lint
+              test: lint
   - stage: Sanity_2_18
-    displayName: Ansible 2.18 sanity
+    displayName: Ansible 2.18 sanity & Units & Lint
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -73,7 +88,7 @@ stages:
             - name: Lint
               test: lint
   - stage: Sanity_2_17
-    displayName: Ansible 2.17 sanity
+    displayName: Ansible 2.17 sanity & Units & Lint
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -88,7 +103,7 @@ stages:
             - name: Lint
               test: lint
   - stage: Sanity_2_16
-    displayName: Ansible 2.16 sanity
+    displayName: Ansible 2.16 sanity & Units & Lint
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -100,19 +115,6 @@ stages:
               test: sanity
             - name: Units
               test: units
-  - stage: Sanity_2_15
-    displayName: Ansible 2.15 sanity
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: "{0}"
-          testFormat: 2.15/{0}
-          targets:
-            - name: Sanity
-              test: sanity
-            - name: Units
-              test: units
   ## Docker
   - stage: Docker_devel
     displayName: Docker devel
@@ -122,14 +124,28 @@ stages:
         parameters:
           testFormat: devel/linux/{0}/1
           targets:
-            - name: Fedora 40
-              test: fedora40
+            - name: Fedora 42
+              test: fedora42
+            - name: Ubuntu 22.04
+              test: ubuntu2204
+            - name: Ubuntu 24.04
+              test: ubuntu2404
+  - stage: Docker_2_19
+    displayName: Docker 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.19/linux/{0}/1
+          targets:
+            - name: Fedora 41
+              test: fedora41
             - name: Ubuntu 22.04
               test: ubuntu2204
             - name: Ubuntu 24.04
               test: ubuntu2404
   - stage: Docker_2_18
-    displayName: Docker devel
+    displayName: Docker 2.18
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -152,8 +168,6 @@ stages:
           targets:
             - name: Fedora 39
               test: fedora39
-            - name: Ubuntu 20.04
-              test: ubuntu2004
             - name: Ubuntu 22.04
               test: ubuntu2204
   - stage: Docker_2_16
@@ -168,27 +182,6 @@ stages:
               test: centos7
             - name: Fedora 38
               test: fedora38
-            - name: Ubuntu 20.04
-              test: ubuntu2004
-            - name: Ubuntu 22.04
-              test: ubuntu2204
-
-  - stage: Docker_2_15
-    displayName: Docker 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.15/linux/{0}/1
-          targets:
-            - name: CentOS 7
-              test: centos7
-            - name: Fedora 37
-              test: fedora37
-            - name: openSUSE 15 py3
-              test: opensuse15
-            - name: Ubuntu 20.04
-              test: ubuntu2004
             - name: Ubuntu 22.04
               test: ubuntu2204
 
@@ -201,12 +194,32 @@ stages:
         parameters:
           testFormat: devel/{0}/1
           targets:
-            - name: RHEL 9.4
-              test: rhel/9.4
-            - name: FreeBSD 13.3
-              test: freebsd/13.3
+            - name: RHEL 10.0
+              test: rhel/10.0
+            - name: RHEL 9.6
+              test: rhel/9.6
+            - name: FreeBSD 14.3
+              test: freebsd/14.3
+            - name: FreeBSD 13.5
+              test: freebsd/13.5
+  - stage: Remote_2_19
+    displayName: Remote 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.19/{0}/1
+          targets:
+            - name: RHEL 10.0
+              test: rhel/10.0
+            - name: RHEL 9.5
+              test: rhel/9.5
+            - name: FreeBSD 14.2
+              test: freebsd/14.2
+            - name: FreeBSD 13.5
+              test: freebsd/13.5
   - stage: Remote_2_18
-    displayName: Remote devel
+    displayName: Remote 2.18
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
@@ -215,8 +228,8 @@ stages:
           targets:
             - name: RHEL 9.4
               test: rhel/9.4
-            - name: FreeBSD 13.3
-              test: freebsd/13.3
+            - name: FreeBSD 13.5
+              test: freebsd/13.5
   - stage: Remote_2_17
     displayName: Remote 2.17
     dependsOn: []
@@ -227,8 +240,8 @@ stages:
           targets:
             - name: RHEL 9.3
               test: rhel/9.3
-            - name: FreeBSD 13.3
-              test: freebsd/13.3
+            - name: FreeBSD 13.5
+              test: freebsd/13.5
   - stage: Remote_2_16
     displayName: Remote 2.16
     dependsOn: []
@@ -241,34 +254,12 @@ stages:
               test: rhel/8.8
             - name: RHEL 9.2
               test: rhel/9.2
-            - name: FreeBSD 13.2
-              test: freebsd/13.2
-
-  - stage: Remote_2_15
-    displayName: Remote 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.15/{0}/1
-          targets:
-            - name: RHEL 7.9
-              test: rhel/7.9
-            - name: RHEL 8.7
-              test: rhel/8.7
-            - name: RHEL 9.1
-              test: rhel/9.1
-            - name: FreeBSD 13.2
-              test: freebsd/13.2
 
   ## Finally
 
   - stage: Summary
     condition: succeededOrFailed()
     dependsOn:
-      - Sanity_2_15
-      - Remote_2_15
-      - Docker_2_15
       - Sanity_2_16
       - Remote_2_16
       - Docker_2_16
@@ -278,8 +269,11 @@ stages:
       - Sanity_2_18
       - Remote_2_18
       - Docker_2_18
+      - Sanity_2_19
+      - Remote_2_19
+      - Docker_2_19
       - Sanity_devel
-      # - Remote_devel # Wait for test environment release
-      # - Docker_devel # Wait for test environment release
+      - Remote_devel
+      - Docker_devel
     jobs:
       - template: templates/coverage.yml

.github/BOTMETA.yml

@@ -40,6 +40,7 @@ files:
     labels: debug
   $plugins/patch.py:
     labels: patch
+  $plugins/skippy.py:
   $plugins/synchronize.py:
     labels: synchronize
   $plugins/timer.py:

CHANGELOG.rst

@@ -4,6 +4,39 @@ ansible.posix Release Notes
 
 .. contents:: Topics
 
+v1.6.2
+======
+
+Release Summary
+---------------
+
+This is the bugfix release of the stable version ``ansible.posix`` collection.
+This changelog contains all changes to the modules and plugins
+in this collection that have been added after the release of
+``ansible.posix`` 1.6.1.
+
+Bugfixes
+--------
+
+- backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578).
+
+v1.6.1
+======
+
+Release Summary
+---------------
+
+This is the bugfix release of the stable version ``ansible.posix`` collection.
+This changelog contains all changes to the modules and plugins
+in this collection that have been added after the release of
+``ansible.posix`` 1.6.1.
+
+Bugfixes
+--------
+
+- acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
+- mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
+- skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0 (https://github.com/ansible-collections/ansible.posix/issues/573).
 
 v1.6.0
 ======

README.md

@@ -22,7 +22,7 @@ For more information about communication, see the [Ansible communication guide](
 <!--start requires_ansible-->
 ## Ansible version compatibility
 
-This collection has been tested against following Ansible versions: **>=2.15**.
+This collection has been tested against following Ansible versions: **>=2.16**.
 <!--end requires_ansible-->
 
 ## Included content
@@ -74,13 +74,9 @@ None
 
 <!-- List the versions of Ansible the collection has been tested with. Must match what is in galaxy.yml. -->
 
-- ansible-core 2.19 (devel)
 - ansible-core 2.18 (stable) *
 - ansible-core 2.17 (stable)
 - ansible-core 2.16 (stable)
-- ansible-core 2.15 (stable)
-
-*Note: For ansible-core 2.18, CI only covers sanity tests and no integration tests will be run until the test environment is released.*
 
 ## Roadmap
 

changelogs/changelog.yaml

@@ -405,3 +405,43 @@ releases:
     - dropping-ansible29.yml
     - test-reqs.yml
     release_date: '2024-09-11'
+  1.6.1:
+    changes:
+      bugfixes:
+      - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).
+      - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).
+      - skippy - Revert removal of skippy plugin. It will be removed in version 2.0.0
+        (https://github.com/ansible-collections/ansible.posix/issues/573).
+      release_summary: 'This is the bugfix release of the stable version ``ansible.posix``
+        collection.
+
+        This changelog contains all changes to the modules and plugins
+
+        in this collection that have been added after the release of
+
+        ``ansible.posix`` 1.6.1.'
+    fragments:
+    - 1.6.1.yml
+    - 365-boot-linux.yml
+    - 566_bump_version_161.yml
+    - 567_remove_version_added.yml
+    - 570_nfs4_acl.yml
+    - 571_ci_bump_core_version.yml
+    - 572_revert_removal_of_skippy.yml
+    release_date: '2024-10-11'
+  1.6.2:
+    changes:
+      bugfixes:
+      - backport - Drop ansible-core 2.14 and set 2.15 minimum version (https://github.com/ansible-collections/ansible.posix/issues/578).
+      release_summary: 'This is the bugfix release of the stable version ``ansible.posix``
+        collection.
+
+        This changelog contains all changes to the modules and plugins
+
+        in this collection that have been added after the release of
+
+        ``ansible.posix`` 1.6.1.'
+    fragments:
+    - 1.6.2.yml
+    - 580_drop_ansible214.yml
+    release_date: '2024-10-22'

changelogs/fragments/365-boot-linux.yml

@@ -1,3 +0,0 @@
----
-bugfixes:
-  - mount - Handle ``boot`` option on Linux, NetBSD and OpenBSD correctly (https://github.com/ansible-collections/ansible.posix/issues/364).

changelogs/fragments/387_callback_output_header.yml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387).

changelogs/fragments/566_bump_version_161.yml

@@ -1,3 +0,0 @@
----
-trivial:
-  - Bump version to 1.6.1 for next release.

changelogs/fragments/567_remove_version_added.yml

@@ -1,3 +0,0 @@
----
-trivial:
-  - mount - remove wrong version_added section from ``opts_no_log``.

changelogs/fragments/568_update_authorized_key.yml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568)

changelogs/fragments/570_nfs4_acl.yml

@@ -1,3 +0,0 @@
----
-bugfixes:
-  - acl - Fixed to set ACLs on paths mounted with NFS version 4 correctly (https://github.com/ansible-collections/ansible.posix/issues/240).

changelogs/fragments/571_ci_bump_core_version.yml

@@ -1,3 +0,0 @@
----
-trivial:
-  - Bump ansible-core version to 2.19 of devel branch and add 2.18 to CI.

changelogs/fragments/576_bump_version_2.yml

@@ -1,3 +0,0 @@
----
-trivial:
-  - Bump ansible.posix version to 2.0.0.

changelogs/fragments/581_ci_selinux.yml

@@ -1,3 +0,0 @@
----
-trivial:
-  - selinux - conditions for selinux integration tests have been modified to be more accurate.

changelogs/fragments/584_firewalld_opt_type.yml

@@ -1,3 +0,0 @@
----
-breaking_changes:
-  - firewalld - Changed the type of forward and masquerade options from str to bool (https://github.com/ansible-collections/ansible.posix/issues/582).

changelogs/fragments/631_fixes_module_path.yml

@@ -0,0 +1,6 @@
+---
+bugfixes:
+  - ansible.posix.cgroup_perf_recap - fixes json module load path (https://github.com/ansible-collections/ansible.posix/issues/630).
+trivial:
+  - ansible.posix.seboolean - remove unnecessary condition from seboolean integration tests (https://github.com/ansible-collections/ansible.posix/issues/630).
+  - ansible.posix.selinux - optimize conditions for selinux integration tests (https://github.com/ansible-collections/ansible.posix/issues/630).

changelogs/fragments/642_ci_add_rhel10.yml

@@ -0,0 +1,2 @@
+trivial:
+  - Add Red Hat Enterprise Linux 10.0 to the CI matrix (https://github.com/ansible-collections/ansible.posix/issues/642).

changelogs/fragments/655_ci_remove_devel_from_stable1.yml

@@ -0,0 +1,2 @@
+trivial:
+  - Remove devel branch test from CI matrix for stable-1.

changelogs/fragments/675_update_ci_matrix_202508.yml

@@ -0,0 +1,2 @@
+trivial:
+  - Update AZP CI matrix to bump test container version 7.0.0(https://github.com/ansible-collections/ansible.posix/pull/673).

galaxy.yml

@@ -1,7 +1,7 @@
 ---
 namespace: ansible
 name: posix
-version: 2.0.0
+version: 1.6.2
 readme: README.md
 authors:
   - Ansible (github.com/ansible)

meta/runtime.yml

@@ -1,2 +1,8 @@
 ---
 requires_ansible: ">=2.15.0"
+plugin_routing:
+  callback:
+    skippy:
+      deprecation:
+        removal_date: "2024-12-05"
+        warning_text: See the plugin documentation for more details

plugins/callback/cgroup_perf_recap.py

@@ -132,6 +132,7 @@ DOCUMENTATION = '''
 
 import csv
 import datetime
+import json
 import os
 import time
 import threading
@@ -142,7 +143,7 @@ from functools import partial
 
 from ansible.module_utils._text import to_bytes, to_text
 from ansible.module_utils.six import with_metaclass
-from ansible.parsing.ajson import AnsibleJSONEncoder, json
+from ansible.parsing.ajson import AnsibleJSONEncoder
 from ansible.plugins.callback import CallbackBase
 
 

plugins/callback/profile_roles.py

@@ -128,10 +128,7 @@ class CallbackModule(CallbackBase):
         self._display_tasktime()
 
     def playbook_on_stats(self, stats):
-        # Align summary report header with other callback plugin summary
-        self._display.banner("ROLES RECAP")
-
-        self._display.display(tasktime())
+        self._display_tasktime()
         self._display.display(filled("", fchar="="))
 
         timestamp(self)

plugins/callback/profile_tasks.py

@@ -193,10 +193,7 @@ class CallbackModule(CallbackBase):
         self._display_tasktime()
 
     def playbook_on_stats(self, stats):
-        # Align summary report header with other callback plugin summary
-        self._display.banner("TASKS RECAP")
-
-        self._display.display(tasktime())
+        self._display_tasktime()
         self._display.display(filled("", fchar="="))
 
         timestamp(self)

plugins/callback/skippy.py

@@ -0,0 +1,43 @@
+# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
+# (c) 2017 Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+# Make coding more python3-ish
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    name: skippy
+    type: stdout
+    requirements:
+      - set as main display callback
+    short_description: Ansible screen output that ignores skipped status
+    deprecated:
+      why: The 'default' callback plugin now supports this functionality
+      removed_at_date: '2024-12-05'
+      alternative: "'default' callback plugin with 'display_skipped_hosts = no' option"
+    extends_documentation_fragment:
+      - default_callback
+    description:
+      - This callback does the same as the default except it does not output skipped host/task/item status
+'''
+
+from ansible.plugins.callback.default import CallbackModule as CallbackModule_default
+
+
+class CallbackModule(CallbackModule_default):
+
+    '''
+    This is the default callback interface, which simply prints messages
+    to stdout when new callback events are received.
+    '''
+
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'stdout'
+    CALLBACK_NAME = 'ansible.posix.skippy'
+
+    def v2_runner_on_skipped(self, result):
+        pass
+
+    def v2_runner_item_on_skipped(self, result):
+        pass

plugins/callback/timer.py

@@ -46,6 +46,4 @@ class CallbackModule(CallbackBase):
     def v2_playbook_on_stats(self, stats):
         end_time = datetime.utcnow()
         runtime = end_time - self.start_time
-        # Align summary report header with other callback plugin summary
-        self._display.banner("PLAYBOOK RECAP")
-        self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds\n\r" % (self.days_hours_minutes_seconds(runtime)))
+        self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds" % (self.days_hours_minutes_seconds(runtime)))

plugins/modules/authorized_key.py

@@ -24,7 +24,6 @@ options:
   key:
     description:
       - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
-      - You can also use V(file://) prefix to search remote for a file with SSH key(s).
     type: str
     required: true
   path:
@@ -97,12 +96,6 @@ EXAMPLES = r'''
     state: present
     key: https://github.com/charlie.keys
 
-- name: Set authorized keys taken from path on controller node
-  ansible.posix.authorized_key:
-    user: charlie
-    state: present
-    key: file:///home/charlie/.ssh/id_rsa.pub
-
 - name: Set authorized keys taken from url using lookup
   ansible.posix.authorized_key:
     user: charlie
@@ -230,7 +223,6 @@ from operator import itemgetter
 from ansible.module_utils._text import to_native
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.urls import fetch_url
-from ansible.module_utils.six.moves.urllib.parse import urlparse
 
 
 class keydict(dict):
@@ -564,7 +556,7 @@ def enforce_state(module, params):
     follow = params.get('follow', False)
     error_msg = "Error getting key from: %s"
 
-    # if the key is a url or file, request it and use it as key source
+    # if the key is a url, request it and use it as key source
     if key.startswith("http"):
         try:
             resp, info = fetch_url(module, key)
@@ -578,19 +570,6 @@ def enforce_state(module, params):
         # resp.read gives bytes on python3, convert to native string type
         key = to_native(key, errors='surrogate_or_strict')
 
-    if key.startswith("file"):
-        # if the key is an absolute path, check for existense and use it as a key source
-        key_path = urlparse(key).path
-        if not os.path.exists(key_path):
-            module.fail_json(msg="Path to a key file not found: %s" % key_path)
-        if not os.path.isfile(key_path):
-            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key_path)
-        try:
-            with open(key_path, 'r') as source_fh:
-                key = source_fh.read()
-        except OSError as e:
-            module.fail_json(msg="Failed to read key file %s : %s" % (key_path, to_native(e)))
-
     # extract individual keys into an array, skipping blank lines and comments
     new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
 

plugins/modules/firewalld.py

@@ -112,13 +112,11 @@ options:
     description:
       - The forward setting you would like to enable/disable to/from zones within firewalld.
       - This option only is supported by firewalld v0.9.0 or later.
-      - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later.
-    type: bool
+    type: str
   masquerade:
     description:
       - The masquerade setting you would like to enable/disable to/from zones within firewalld.
-      - Note that the option type is changed to bool in ansible.posix version 2.0.0 and later.
-    type: bool
+    type: str
   offline:
     description:
       - Ignores O(immediate) if O(permanent=true) and firewalld is not running.
@@ -877,8 +875,8 @@ def main():
             state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
             timeout=dict(type='int', default=0),
             interface=dict(type='str'),
-            forward=dict(type='bool'),
-            masquerade=dict(type='bool'),
+            forward=dict(type='str'),
+            masquerade=dict(type='str'),
             offline=dict(type='bool', default=False),
             target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
         ),
@@ -1131,7 +1129,16 @@ def main():
         msgs = msgs + transaction_msgs
 
     if forward is not None:
-        expected_state = 'enabled' if (desired_state == 'enabled') == forward else 'disabled'
+        # Type of forward will be changed to boolean in a future release.
+        forward_status = False
+        try:
+            forward_status = boolean(forward, False)
+        except TypeError:
+            module.warn('The value of the forward option is "%s". '
+                        'The type of the option will be changed from string to boolean in a future release. '
+                        'To avoid unexpected behavior, please change the value to boolean.' % forward)
+
+        expected_state = 'enabled' if (desired_state == 'enabled') == forward_status else 'disabled'
         transaction = ForwardTransaction(
             module,
             action_args=(),
@@ -1145,7 +1152,16 @@ def main():
         msgs = msgs + transaction_msgs
 
     if masquerade is not None:
-        expected_state = 'enabled' if (desired_state == 'enabled') == masquerade else 'disabled'
+        # Type of masquerade will be changed to boolean in a future release.
+        masquerade_status = True
+        try:
+            masquerade_status = boolean(masquerade, True)
+        except TypeError:
+            module.warn('The value of the masquerade option is "%s". '
+                        'The type of the option will be changed from string to boolean in a future release. '
+                        'To avoid unexpected behavior, please change the value to boolean.' % masquerade)
+
+        expected_state = 'enabled' if (desired_state == 'enabled') == masquerade_status else 'disabled'
         transaction = MasqueradeTransaction(
             module,
             action_args=(),

plugins/modules/sysctl.py

@@ -101,7 +101,6 @@ import os
 import platform
 import re
 import tempfile
-import glob
 
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.six import string_types
@@ -115,24 +114,12 @@ class SysctlModule(object):
     # success or failure.
     LANG_ENV = {'LANG': 'C', 'LC_ALL': 'C', 'LC_MESSAGES': 'C'}
 
-    # We define a variable to keep all the directories to be read, equivalent to
-    # (/sbin/sysctl --system) option
-    SYSCTL_DIRS = [
-        '/etc/sysctl.d/*.conf',
-        '/run/sysctl.d/*.conf',
-        '/usr/local/lib/sysctl.d/*.conf',
-        '/usr/lib/sysctl.d/*.conf',
-        '/lib/sysctl.d/*.conf',
-        '/etc/sysctl.conf'
-    ]
-
     def __init__(self, module):
         self.module = module
         self.args = self.module.params
 
         self.sysctl_cmd = self.module.get_bin_path('sysctl', required=True)
         self.sysctl_file = self.args['sysctl_file']
-        self.system_Wide = self.args['system_Wide']
 
         self.proc_value = None  # current token value in proc fs
         self.file_value = None  # current token value in file
@@ -312,22 +299,15 @@ class SysctlModule(object):
             # https://github.com/ansible/ansible/issues/58158
             return
         else:
-            if self.system_Wide:
-                for sysctl_file in self.SYSCTL_DIRS:
-                    for conf_file in glob.glob(sysctl_file):
-                        rc, out, err = self.module.run_command([self.sysctl_cmd, '-p', conf_file], environ_update=self.LANG_ENV)
-                        if rc != 0 or self._stderr_failed(err):
-                            self.module.fail_json(msg="Failed to reload sysctl: %s" % to_native(out) + to_native(err))
-            else:
-                # system supports reloading via the -p flag to sysctl, so we'll use that
-                sysctl_args = [self.sysctl_cmd, '-p', self.sysctl_file]
-                if self.args['ignoreerrors']:
-                    sysctl_args.insert(1, '-e')
+            # system supports reloading via the -p flag to sysctl, so we'll use that
+            sysctl_args = [self.sysctl_cmd, '-p', self.sysctl_file]
+            if self.args['ignoreerrors']:
+                sysctl_args.insert(1, '-e')
 
-                rc, out, err = self.module.run_command(sysctl_args, environ_update=self.LANG_ENV)
+            rc, out, err = self.module.run_command(sysctl_args, environ_update=self.LANG_ENV)
 
-            if rc != 0 or self._stderr_failed(err):
-                self.module.fail_json(msg="Failed to reload sysctl: %s" % to_native(out) + to_native(err))
+        if rc != 0 or self._stderr_failed(err):
+            self.module.fail_json(msg="Failed to reload sysctl: %s" % to_native(out) + to_native(err))
 
     # ==============================================================
     #   SYSCTL FILE MANAGEMENT
@@ -414,8 +394,7 @@ def main():
             reload=dict(default=True, type='bool'),
             sysctl_set=dict(default=False, type='bool'),
             ignoreerrors=dict(default=False, type='bool'),
-            sysctl_file=dict(default='/etc/sysctl.conf', type='path'),
-            system_wide=dict(default=False, type='bool'),  # system_wide parameter
+            sysctl_file=dict(default='/etc/sysctl.conf', type='path')
         ),
         supports_check_mode=True,
         required_if=[('state', 'present', ['value'])],

tests/integration/targets/acl/tasks/acl.yml

@@ -46,6 +46,12 @@
     path: "{{ test_dir }}"
     state: directory
     mode: "0755"
+
+- name: Install acl package
+  ansible.builtin.package:
+    name: acl
+    state: present
+
 ##############################################################################
 - name: Grant ansible user read access to a file
   ansible.posix.acl:

tests/integration/targets/authorized_key/defaults/main.yml

@@ -35,5 +35,3 @@ multiple_keys_comments: |
   ssh-rsa DATA_BASIC 1@testing
   # I like adding comments yo-dude-this-is-not-a-key INVALID_DATA 2@testing
   ecdsa-sha2-nistp521 ECDSA_DATA 4@testing
-
-key_path: /tmp/id_rsa.pub

tests/integration/targets/authorized_key/tasks/check_path.yml

@@ -1,32 +0,0 @@
----
-- name: Create key file for test
-  ansible.builtin.copy:
-    dest: "{{ key_path }}"
-    content: "{{ rsa_key_basic }}"
-    mode: "0600"
-
-- name: Add key using path
-  ansible.posix.authorized_key:
-    user: root
-    key: file://{{ key_path }}
-    state: present
-    path: "{{ output_dir | expanduser }}/authorized_keys"
-  register: result
-
-- name: Assert that the key was added
-  ansible.builtin.assert:
-    that:
-      - result.changed == true
-
-- name: Add key using path again
-  ansible.posix.authorized_key:
-    user: root
-    key: file://{{ key_path }}
-    state: present
-    path: "{{ output_dir | expanduser }}/authorized_keys"
-  register: result
-
-- name: Assert that no changes were applied
-  ansible.builtin.assert:
-    that:
-      - result.changed == false

tests/integration/targets/authorized_key/tasks/main.yml

@@ -31,6 +31,3 @@
 
 - name: Test for the management of comments with key
   ansible.builtin.import_tasks: comments.yml
-
-- name: Test for specifying key as a path
-  ansible.builtin.import_tasks: check_path.yml

tests/integration/targets/firewalld/aliases

@@ -1,3 +1,5 @@
+needs/privileged
+needs/root
 destructive
 shippable/posix/group1
 skip/aix

tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml

@@ -114,3 +114,60 @@
       ansible.builtin.assert:
         that:
           - result is not changed
+
+# Validate backwards compatible behavior until masquerade is switched from string to boolean type
+- name: Masquerade enabled when masquerade is non-boolean string and state is enabled
+  block:
+    - name: Testing enable masquerade
+      ansible.posix.firewalld:
+        zone: trusted
+        masquerade: some string
+        permanent: true
+        state: enabled
+      register: result
+
+    - name: Assert masquerade is enabled
+      ansible.builtin.assert:
+        that:
+          - result is changed
+
+    - name: Testing enable masquerade (verify not changed)
+      ansible.posix.firewalld:
+        zone: trusted
+        masquerade: some string
+        permanent: true
+        state: enabled
+      register: result
+
+    - name: Assert masquerade is enabled (verify not changed)
+      ansible.builtin.assert:
+        that:
+          - result is not changed
+
+- name: Masquerade disabled when masquerade is non-boolean string and state is disabled
+  block:
+    - name: Testing disable masquerade
+      ansible.posix.firewalld:
+        zone: trusted
+        masquerade: some string
+        permanent: true
+        state: disabled
+      register: result
+
+    - name: Assert masquerade is disabled
+      ansible.builtin.assert:
+        that:
+          - result is changed
+
+    - name: Testing disable masquerade (verify not changed)
+      ansible.posix.firewalld:
+        zone: trusted
+        masquerade: some string
+        permanent: true
+        state: disabled
+      register: result
+
+    - name: Assert masquerade is disabled (verify not changed)
+      ansible.builtin.assert:
+        that:
+          - result is not changed

tests/integration/targets/seboolean/tasks/main.yml

@@ -20,5 +20,4 @@
   ansible.builtin.include_tasks: seboolean.yml
   when:
     - ansible_selinux is defined
-    - ansible_selinux
     - ansible_selinux.status == 'enabled'

tests/integration/targets/selinux/tasks/main.yml

@@ -19,23 +19,21 @@
 - name: Debug message for when SELinux is disabled
   ansible.builtin.debug:
     msg: SELinux is disabled
-  when: ansible_selinux is defined and not ansible_selinux
+  when: ansible_selinux is defined and ansible_selinux.status == 'disabled'
 
 - name: Debug message for when SELinux is enabled and not disabled
   ansible.builtin.debug:
     msg: SELinux is {{ ansible_selinux.status }}
-  when: ansible_selinux is defined and ansible_selinux
+  when: ansible_selinux is defined
 
 - name: Include_tasks for when SELinux is enabled
   ansible.builtin.include_tasks: selinux.yml
   when:
     - ansible_selinux is defined
-    - ansible_selinux
     - ansible_selinux.status == 'enabled'
 
 - name: Include tasks for selogin when SELinux is enabled
   ansible.builtin.include_tasks: selogin.yml
   when:
     - ansible_selinux is defined
-    - ansible_selinux
     - ansible_selinux.status == 'enabled'

tests/integration/targets/sysctl/tasks/main.yml

@@ -229,40 +229,6 @@
       ansible.builtin.assert:
         that:
           - sysctl_test4 is failed
-        
-      ##
-      ## sysctl --system
-      ##
-
-    - name: Set vm.swappiness to 10 with --system option
-      ansible.posix.sysctl:
-        name: vm.swappiness
-        value: 10
-        state: present
-        reload: false
-        sysctl_set: true
-        system: true
-      register: sysctl_system_test1
-
-    - name: Check with sysctl command
-      ansible.builtin.command: sysctl vm.swappiness
-      changed_when: false
-      register: sysctl_check_system1
-
-    - name: Debug sysctl_system_test1 sysctl_check_system1
-      ansible.builtin.debug:
-        var: item
-        verbosity: 1
-      with_items:
-        - "{{ sysctl_system_test1 }}"
-        - "{{ sysctl_check_system1 }}"
-
-    - name: Validate results for --system option
-      ansible.builtin.assert:
-        that:
-          - sysctl_system_test1 is changed
-          - sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]
-
 
 - name: Test on RHEL VMs
   when:
@@ -400,33 +366,3 @@
         that:
           - stat_result.stat.islnk is defined and stat_result.stat.islnk
           - stat_result.stat.lnk_source == '/tmp/ansible_sysctl_test.conf'
-    
-    # Test sysctl: --system
-    - name: Set vm.swappiness to 10 with --system option
-      ansible.posix.sysctl:
-        name: vm.swappiness
-        value: 10
-        state: present
-        reload: false
-        sysctl_set: true
-        system: true
-      register: sysctl_system_test1
-
-    - name: Check with sysctl command
-      ansible.builtin.command: sysctl vm.swappiness
-      changed_when: false
-      register: sysctl_check_system1
-
-    - name: Debug sysctl_system_test1 sysctl_check_system1
-      ansible.builtin.debug:
-        var: item
-        verbosity: 1
-      with_items:
-        - "{{ sysctl_system_test1 }}"
-        - "{{ sysctl_check_system1 }}"
-
-    - name: Validate results for --system option
-      ansible.builtin.assert:
-        that:
-          - sysctl_system_test1 is changed
-          - sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]

tests/sanity/ignore-2.20.txt

@@ -0,0 +1 @@
+tests/utils/shippable/timing.py shebang

tests/utils/shippable/shippable.sh

@@ -62,15 +62,15 @@ else
     retry pip install "https://github.com/ansible/ansible/archive/stable-${ansible_version}.tar.gz" --disable-pip-version-check
 fi
 
-export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../"
+export ANSIBLE_COLLECTIONS_PATH="${PWD}/../../../"
 
 # START: HACK install dependencies
 if [ "${ansible_version}" == "2.9" ] || [ "${ansible_version}" == "2.10" ]; then
     # Note: Since community.general 5.x, Ansible Core versions prior to 2.11 are not supported.
     # So we need to use 4.8.1 for Ansible 2.9 and Ansible Engine 2.10.
-    retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general"
+    retry git clone --depth=1 --single-branch -b 4.8.1 https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general"
 else
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/general"
+    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.general.git "${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/community/general"
 fi
 # Note:  we're installing with git to work around Galaxy being a huge PITA (https://github.com/ansible/galaxy/issues/2429)
 # END: HACK