Import from AlmaLinux stable repository

import rhel-system-roles-1.21.2-1.el8_8
import rhel-system-roles-1.21.1-1.el8_8
2024-05-31 18:06:27 +00:00 · 2023-06-29 21:00:46 +00:00 · 2023-05-16 07:10:25 +00:00 · 2022-11-08 10:46:03 +00:00 · 2022-08-03 02:50:08 +00:00 · 2022-05-10 15:01:59 +00:00
25 changed files with 2686 additions and 2892 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,6 +1,34 @@
-SOURCES/kdump-0c2bb28.tar.gz
-SOURCES/network-d5891d4.tar.gz
-SOURCES/postfix-0.1.tar.gz
-SOURCES/selinux-6cd1ec8.tar.gz
-SOURCES/storage-1594e25.tar.gz
-SOURCES/timesync-924650d.tar.gz
+SOURCES/ad_integration-1.4.2.tar.gz
+SOURCES/ansible-posix-1.5.4.tar.gz
+SOURCES/ansible-sshd-v0.23.2.tar.gz
+SOURCES/auto-maintenance-11ad785c9bb72611244e7909450ca4247e12db4d.tar.gz
+SOURCES/bootloader-1.0.3.tar.gz
+SOURCES/certificate-1.3.3.tar.gz
+SOURCES/cockpit-1.5.5.tar.gz
+SOURCES/community-general-8.3.0.tar.gz
+SOURCES/containers-podman-1.12.0.tar.gz
+SOURCES/crypto_policies-1.3.2.tar.gz
+SOURCES/fapolicyd-1.1.1.tar.gz
+SOURCES/firewall-1.7.4.tar.gz
+SOURCES/ha_cluster-1.14.0.tar.gz
+SOURCES/journald-1.2.3.tar.gz
+SOURCES/kdump-1.4.4.tar.gz
+SOURCES/kernel_settings-1.2.2.tar.gz
+SOURCES/keylime_server-1.1.2.tar.gz
+SOURCES/logging-1.12.4.tar.gz
+SOURCES/metrics-1.10.1.tar.gz
+SOURCES/nbde_client-1.2.17.tar.gz
+SOURCES/nbde_server-1.4.3.tar.gz
+SOURCES/network-1.15.1.tar.gz
+SOURCES/podman-1.4.7.tar.gz
+SOURCES/postfix-1.4.3.tar.gz
+SOURCES/postgresql-1.3.5.tar.gz
+SOURCES/rhc-1.6.0.tar.gz
+SOURCES/selinux-1.7.4.tar.gz
+SOURCES/snapshot-1.3.1.tar.gz
+SOURCES/ssh-1.3.2.tar.gz
+SOURCES/storage-1.16.2.tar.gz
+SOURCES/systemd-1.1.2.tar.gz
+SOURCES/timesync-1.8.2.tar.gz
+SOURCES/tlog-1.3.3.tar.gz
+SOURCES/vpn-1.6.3.tar.gz
--- a/.rhel-system-roles.metadata
+++ b/.rhel-system-roles.metadata
@ -1,6 +0,0 @@
-36b200d1c6a8d1cb1ea87e3e9aa8c4f6bbd8155d SOURCES/kdump-0c2bb28.tar.gz
-530aaa9302d90c278b9e1c8d8513e516494e3380 SOURCES/network-d5891d4.tar.gz
-66c82331f4ac9598c506c3999965b4d07dbfe49d SOURCES/postfix-0.1.tar.gz
-246383bd6823533ed3a51a0501b75e38ba852908 SOURCES/selinux-6cd1ec8.tar.gz
-aa1c37b04cef831148d9834033fe414156ba62df SOURCES/storage-1594e25.tar.gz
-ffd2a706e4e3007684aa9874c8457ad5c8920050 SOURCES/timesync-924650d.tar.gz
--- a/SOURCES/CHANGELOG.md
+++ b/SOURCES/CHANGELOG.md
@ -0,0 +1,709 @@
+Changelog
+=========
+[1.23.0] - 2024-01-15
+----------------------------
+
+### New Features
+
+- [RHEL for Edge support in system roles](https://issues.redhat.com/browse/RHEL-15872)
+- [ad_integration - feat: Add sssd custom settings](https://issues.redhat.com/browse/RHEL-17667)
+- [ad_integration - Enable AD dynamic DNS updates](https://issues.redhat.com/browse/RHEL-1119)
+- [ad_integration - feat: add ad_integration_preserve_authselect_profile](https://issues.redhat.com/browse/RHEL-21383)
+- [ad_integration - feat: Add SSSD parameters support](https://issues.redhat.com/browse/RHEL-21134)
+- [bootloader - Create bootloader role (MVP)](https://issues.redhat.com/browse/RHEL-3241)
+- [fapolicyd - feat: Import code for fapolicyd system role](https://issues.redhat.com/browse/RHEL-16542)
+- [ha_cluster - [RFE] HA Cluster system role should be able to enable Resilient Storage repository](https://issues.redhat.com/browse/RHEL-14090)
+- [ha_cluster - [FutureFeature] Allow ha_cluster role to configure fencing topology](https://issues.redhat.com/browse/RHEL-4624)
+- [ha_cluster - [FutureFeature] Allow ha_cluster role to configure all qdevice options](https://issues.redhat.com/browse/RHEL-3264)
+- [ha_cluster - Setting cluster members attributes](https://issues.redhat.com/browse/RHEL-22108)
+- [journald - feat: Add support for ForwardToSyslog](https://issues.redhat.com/browse/RHEL-21123)
+- [logging - feat: Add support for the global config option preserveFQDN with a new logg…](https://issues.redhat.com/browse/RHEL-15933)
+- [logging - feat: Add support for general queue and general action parameters](https://issues.redhat.com/browse/RHEL-15440)
+- [metrics - [RFE] Metrics system role support for configuring PMIE webhooks](https://issues.redhat.com/browse/RHEL-18170)
+- [network - Add blackhole type route](https://issues.redhat.com/browse/RHEL-21491)
+- [postgresql - feat: Enable support for Postgresql 16](https://issues.redhat.com/browse/RHEL-18963)
+- [rhc - support RHEL 7 managed nodes](https://issues.redhat.com/browse/RHEL-16977)
+- [rhc - new rhc_insights.ansible_host parameter](https://issues.redhat.com/browse/RHEL-16975)
+- [rhc - new rhc_insights.display_name parameter](https://issues.redhat.com/browse/RHEL-16965)
+- [snapshot - New Role for storage snapshot management (lvm, etc.)](https://issues.redhat.com/browse/RHEL-16553)
+- [sshd - ansible-sshd Manage SSH certificates](https://issues.redhat.com/browse/RHEL-5985)
+- [storage - feat: Support for creating volumes without a FS](https://issues.redhat.com/browse/RHEL-16213)
+- [storage - Basic support for creating shared logical volumes (RHEL 8)](https://issues.redhat.com/browse/RHEL-14022)
+
+### Bug Fixes
+
+- [ha_cluster - high-availability firewall service is not added on qdevice node](https://issues.redhat.com/browse/RHEL-17874)
+- [ha_cluster - Timeout issue between SBD with delay-start and systemd unit](https://issues.redhat.com/browse/RHEL-4684)
+- [kdump - fix: retry read of kexec_crash_size](https://issues.redhat.com/browse/RHEL-3354)
+- [keylime_server - won't detect registrar start failure](https://issues.redhat.com/browse/RHEL-21946)
+- [logging - fix: check that logging_max_message_size is set, not rsyslog_max_message_size](https://issues.redhat.com/browse/RHEL-15038)
+- [nbde_server - fix: Allow tangd socket override directory to be managed outside of the role](https://issues.redhat.com/browse/RHEL-25509)
+- [network - Ansible RHEL network system role issue with ipv6.routing-rules the prefix length for 'from' cannot be zero"](https://issues.redhat.com/browse/RHEL-16501)
+- [podman - fix: cast secret data to string in order to allow JSON valued strings](https://issues.redhat.com/browse/RHEL-22310)
+- [podman - fix: name of volume quadlet service should be basename-volume.service](https://issues.redhat.com/browse/RHEL-21402)
+- [podman - fix: add no_log: true for tasks that can log secret data](https://issues.redhat.com/browse/RHEL-19242)
+- [podman - fix: user linger needed before secrets](https://issues.redhat.com/browse/RHEL-22229)
+- [postgresql - PostgreSQL system role: unable to install PostgreSQL version 15 on RHEL 9](https://issues.redhat.com/browse/RHEL-21400)
+- [selinux - fix: Use `ignore_selinux_state` module option](https://issues.redhat.com/browse/RHEL-15871)
+- [selinux - fix: Print an error message when module to be created doesn't exist](https://issues.redhat.com/browse/RHEL-19044)
+- [selinux - fix: no longer use "item" as a loop variable](https://issues.redhat.com/browse/RHEL-19042)
+
+[1.22.0] - 2023-08-15
+----------------------------
+
+### New Features
+
+- [ALL - fingerprint in config files managed by roles](https://bugzilla.redhat.com/show_bug.cgi?id=2186910)
+- [ad_integration - add ad_integration_force_rejoin](https://bugzilla.redhat.com/show_bug.cgi?id=2211723)
+- [certificate - add mode parameter to change permissions for cert files](https://bugzilla.redhat.com/show_bug.cgi?id=2218204)
+- [firewall - missing module in linux-system-roles.firewall to create an ipset](https://bugzilla.redhat.com/show_bug.cgi?id=2140880)
+- [firewall - fix: reload on resetting to defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2224648)
+- [firewall - should have option to disable conflicting services](https://bugzilla.redhat.com/show_bug.cgi?id=2222809)
+- [ha_cluster - Add possibility to load SBD watchdog kernel modules](https://bugzilla.redhat.com/show_bug.cgi?id=2190478)
+- [ha_cluster - cluster and quorum can have distinct passwords](https://bugzilla.redhat.com/show_bug.cgi?id=2216485)
+- [ha_cluster - support for resource and operation defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2190483)
+- [kdump - support auto_reset_crashkernel, dracut_args, deprecate /etc/sysconfig/kdump](https://bugzilla.redhat.com/show_bug.cgi?id=2211272)
+- [keylime_server - system role for managing keylime servers](https://bugzilla.redhat.com/show_bug.cgi?id=2224387)
+- [network - Support configuring auto-dns setting](https://bugzilla.redhat.com/show_bug.cgi?id=2211273)
+- [network - Support no-aaaa DNS option](https://bugzilla.redhat.com/show_bug.cgi?id=2218595)
+- [podman - allow container networking configuration](https://bugzilla.redhat.com/show_bug.cgi?id=2220963)
+- [podman - support for healthchecks and healthcheck actions](https://bugzilla.redhat.com/show_bug.cgi?id=2220961)
+- [podman - support quadlet units](https://bugzilla.redhat.com/show_bug.cgi?id=2220962)
+- [postgresql - [RFE] system role for PostgreSQL management](https://bugzilla.redhat.com/show_bug.cgi?id=2151371)
+- [rhc - implement rhc_proxy.scheme](https://bugzilla.redhat.com/show_bug.cgi?id=2211778)
+- [rhc - [RFE] New role for Red Hat subscription management, insights management [rhel-8.9.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2179016)
+- [ssh - add ssh_backup option with default true](https://bugzilla.redhat.com/show_bug.cgi?id=2216759)
+- [storage - RFE for the storage system role to support configuring the stripe size for RAID LVM volumes](https://bugzilla.redhat.com/show_bug.cgi?id=2141961)
+- [storage - [RFE] user-specified mount point owner and permissions](https://bugzilla.redhat.com/show_bug.cgi?id=2181661)
+- [systemd - system role for managing systemd units](https://bugzilla.redhat.com/show_bug.cgi?id=2224388)
+
+### Bug Fixes
+
+- [ALL - facts being gathered unnecessarily](https://bugzilla.redhat.com/show_bug.cgi?id=2223036)
+- [ad_integration - leaks credentials when in check_mode](https://bugzilla.redhat.com/show_bug.cgi?id=2233183)
+- [certificate - rhel-system-roles.certificate does not re-issue after updating key_size](https://bugzilla.redhat.com/show_bug.cgi?id=2186057)
+- [firewall - fix: reload on resetting to defaults](https://bugzilla.redhat.com/show_bug.cgi?id=2224648)
+- [firewall - Check mode fails with replacing previous rules](https://issues.redhat.com/browse/RHEL-899)
+- [firewall - Check mode fails when creating new firewall service](https://bugzilla.redhat.com/show_bug.cgi?id=2222433)
+- [firewall - Ansible RHEL firewall system role not idempotent when configuring the interface using the role in rhel9](https://issues.redhat.com/browse/RHEL-918)
+- [firewall - Don't install python(3)-firewall it's a dependency of firewalld](https://bugzilla.redhat.com/show_bug.cgi?id=2216521)
+- [firewall - fix: files: overwrite firewalld.conf on previous replaced](https://issues.redhat.com/browse/RHEL-1496)
+- [kdump - use failure_action instead of default on EL9 and later](https://issues.redhat.com/browse/RHEL-907)
+- [kdump - role: "Write new authorized_keys if needed" task idempotency issues](https://bugzilla.redhat.com/show_bug.cgi?id=2232391)
+- [kdump - system role fails if kdump_ssh_user doesn't have a .ssh/authorized_keys file in home directory](https://bugzilla.redhat.com/show_bug.cgi?id=2232392)
+- [kdump - fix: ensure .ssh directory exists for kdump_ssh_user on kdump_ssh_server](https://issues.redhat.com/browse/RHEL-1398)
+- [kdump - fix: Ensure authorized_keys management works with multiple hosts](https://issues.redhat.com/browse/RHEL-1500)
+- [podman - Podman system role:  Unable to use podman_registries_conf to set unqualified-search-registries](https://bugzilla.redhat.com/show_bug.cgi?id=2226077)
+- [rhc - system role does not apply Insights tags](https://bugzilla.redhat.com/show_bug.cgi?id=2209441)
+- [storage - Cannot set chunk size for RAID: Unsupported parameters for (blivet) module: pools.raid_chunk_size](https://bugzilla.redhat.com/show_bug.cgi?id=2193057)
+- [storage - RAID volume pre cleanup - remove existing data from member disks as needed before creation](https://bugzilla.redhat.com/show_bug.cgi?id=2224094)
+- [storage - Storage: mounted devices that are in use cannot be resized](https://bugzilla.redhat.com/show_bug.cgi?id=2168738)
+- [storage - fix: use stat.pw_name, stat.gr_name instead of owner, group](https://issues.redhat.com/browse/RHEL-1498)
+- [tlog - use the proxy provider - the files provider is deprecated in sssd](https://bugzilla.redhat.com/show_bug.cgi?id=2191702)
+
+[1.21.1] - 2023-03-16
+----------------------------
+
+### New Features
+
+- [rhc - New Role - Red Hat subscription management, insights management](https://bugzilla.redhat.com/show_bug.cgi?id=2144877)
+
+### Bug Fixes
+
+- none
+
+[1.21.0] - 2023-02-20
+----------------------------
+
+### New Features
+
+- [ad_integration - [RFE] new role to support AD integration, join to AD domain](https://bugilla.redhat.com/show_bug.cgi?id=2144876)
+- [cockpit - [RFE] convert cockpit role to use firewall, selinux role, and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2137667)
+- [ha_cluster - Allow quorum device configuration](https://bugzilla.redhat.com/show_bug.cgi?id=2143814)
+- [ha_cluster - [RFE] convert ha_cluster role to use firewall, selinux and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2130019)
+- [journald - New role - journald - manage systemd-journald](https://bugzilla.redhat.com/show_bug.cgi?id=2165176)
+- [logging - [RFE] convert logging role to use firewall, selinux role, and certificate role](https://bugzilla.redhat.com/show_bug.cgi?id=2130362)
+- [metrics - [RFE] convert metrics role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2133532)
+- [nbde_server - [RFE] convert nbde_server role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2133931)
+- [network - Support cloned MAC address](https://bugzilla.redhat.com/show_bug.cgi?id=2143458)
+- [network - [RFE] Support setting the metric of the default route for initscripts provider](https://bugzilla.redhat.com/show_bug.cgi?id=2134201)
+- [network - [RFE] Support the DNS priority](https://bugzilla.redhat.com/show_bug.cgi?id=2133856)
+- [network - Support looking up named route table in routing rule](https://bugzilla.redhat.com/show_bug.cgi?id=2129620)
+- [podman - [RFE] role for managing podman containers and systemd](https://bugzilla.redhat.com/show_bug.cgi?id=2066864)
+- [postfix - [RFE] convert postfix role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2130332)
+- [selinux - add support for the 'local' parameter](https://bugzilla.redhat.com/show_bug.cgi?id=2143385)
+- [vpn - Add parameters shared_key_content, ike, esp, type, leftid, rightid](https://bugzilla.redhat.com/show_bug.cgi?id=2119600)
+- [vpn - [RFE] convert vpn role to use firewall and selinux role](https://bugzilla.redhat.com/show_bug.cgi?id=2130345)
+
+### Bug Fixes
+
+- [ha_cluster - Fix stonith watchdog timeout](https://bugzilla.redhat.com/show_bug.cgi?id=2167941)
+- [ha_cluster - Allow enabled SBD on disabled cluster](https://bugzilla.redhat.com/show_bug.cgi?id=2153081)
+- [ha_cluster - use no_log in tasks looping over pot. secret parameters](https://bugzilla.redhat.com/show_bug.cgi?id=2127497)
+- [nbde_client - nbde_client_clevis fails with a traceback and prints sensitive data](https://bugzilla.redhat.com/show_bug.cgi?id=2159972)
+- [nbde_client - must handle clevis-luks-askpass and clevis-luks-askpass@ systemd unit names](https://bugzilla.redhat.com/show_bug.cgi?id=2126960)
+- [network - should route traffic via correct bond](https://bugzilla.redhat.com/show_bug.cgi?id=2168733)
+- [selinux - managing modules is not idempotent](https://bugzilla.redhat.com/show_bug.cgi?id=2164879)
+- [sshd,ssh,timesync - Unexpected templating type error - expected str instance, int found](https://bugzilla.redhat.com/show_bug.cgi?id=2143401)
+- [tlog - Unconditionally enable the files provider](https://bugzilla.redhat.com/show_bug.cgi?id=2153080)
+
+[1.20.0] - 2022-08-09
+----------------------------
+
+### New Features
+
+- [cockpit - Add customization of port](https://bugzilla.redhat.com/show_bug.cgi?id=2115159)
+- [firewall - RFE: firewall-system-role: add ability to add interface to zone by PCI device ID](https://bugzilla.redhat.com/show_bug.cgi?id=2100939)
+- [firewall - support for firewall_config - gather firewall facts](https://bugzilla.redhat.com/show_bug.cgi?id=2115160)
+- [logging - [RFE] Support startmsg.regex and endmsg.regex in the files inputs](https://bugzilla.redhat.com/show_bug.cgi?id=2112143)
+- [selinux - Added setting of seuser and selevel for completeness](https://bugzilla.redhat.com/show_bug.cgi?id=2115162)
+
+### Bug Fixes
+
+- [nbde_client - Sets proper spacing for parameter rd.neednet=1](https://bugzilla.redhat.com/show_bug.cgi?id=2115161)
+- [network - fix IPRouteUtils.get_route_tables_mapping() to accept any whitespace sequence](https://bugzilla.redhat.com/show_bug.cgi?id=2115884)
+- [ssh sshd - ssh, sshd: RSAMinSize parameter definition is missing](https://bugzilla.redhat.com/show_bug.cgi?id=2109997)
+- [storage - [RHEL8] [WARNING]: The loop variable 'storage_test_volume' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.](https://bugzilla.redhat.com/show_bug.cgi?id=2082391)
+
+[1.19.3] - 2022-07-01
+----------------------------
+
+### New Features
+
+- [firewall - support add/modify/delete services](https://bugzilla.redhat.com/show_bug.cgi?id=2100297)
+- [network - [RFE] [network] Support managing the network through nmstate schema](https://bugzilla.redhat.com/show_bug.cgi?id=2100979)
+- [storage - support for adding/removing disks to/from storage pools](https://bugzilla.redhat.com/show_bug.cgi?id=2066880)
+- [storage - support for attaching cache volumes to existing volumes](https://bugzilla.redhat.com/show_bug.cgi?id=2066881)
+
+### Bug Fixes
+
+- [firewall - forward_port should accept list of string or list of dict](https://bugzilla.redhat.com/show_bug.cgi?id=2101607)
+- [metrics - document minimum supported redis version required by rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=2100285)
+- [metrics - restart pmie, pmlogger if changed, do not wait for handler](https://bugzilla.redhat.com/show_bug.cgi?id=2100298)
+
+[1.19.2] - 2022-06-15
+----------------------------
+
+### New Features
+
+- [sshd - system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9](https://bugzilla.redhat.com/show_bug.cgi?id=2086935)
+
+### Bug Fixes
+
+- none
+
+[1.19.1] - 2022-06-13
+----------------------------
+
+### New Features
+
+- [storage - support for creating and managing LVM thin pools/LVs](https://bugzilla.redhat.com/show_bug.cgi?id=2066876)
+- [All roles should support running with gather_facts: false](https://bugzilla.redhat.com/show_bug.cgi?id=2079008)
+
+### Bug Fixes
+
+- none
+
+[1.19.0] - 2022-06-06
+----------------------------
+
+### New Features
+
+- [storage - support for creating and managing LVM thin pools/LVs](https://bugzilla.redhat.com/show_bug.cgi?id=2066876)
+- [firewall - state no longer required for masquerade and ICMP block inversion](https://bugzilla.redhat.com/show_bug.cgi?id=2093437)
+
+### Bug Fixes
+
+- [storage - role raid_level "striped" is not supported](https://bugzilla.redhat.com/show_bug.cgi?id=2083426)
+
+[1.18.0] - 2022-05-26
+----------------------------
+
+### New Features
+
+- [firewall - [Improvement] Allow System Role to reset to default Firewalld Settings](https://bugzilla.redhat.com/show_bug.cgi?id=2043009)
+- [metrics - [RFE] add an option to the metrics role to enable postfix metric collection](https://bugzilla.redhat.com/show_bug.cgi?id=2079114)
+- [network - Rework the infiniband support](https://bugzilla.redhat.com/show_bug.cgi?id=2086869)
+- [sshd - system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"](https://bugzilla.redhat.com/show_bug.cgi?id=2086934)
+- [sshd - system role should be able to optionally manage /etc/ssh/sshd_config on RHEL 9](https://bugzilla.redhat.com/show_bug.cgi?id=2086935)
+
+### Bug Fixes
+
+- [storage - role cannot set mount_options for volumes](https://bugzilla.redhat.com/show_bug.cgi?id=2083378)
+
+[1.17.0] - 2022-04-25
+----------------------------
+
+### New Features
+
+- [All roles should support running with gather_facts: false](https://bugzilla.redhat.com/show_bug.cgi?id=2079008)
+- [ha_cluster - support advanced corosync configuration](https://bugzilla.redhat.com/show_bug.cgi?id=2065339)
+- [ha_cluster - support SBD fencing](https://bugzilla.redhat.com/show_bug.cgi?id=2066868)
+- [ha_cluster - add support for configuring bundle resources](https://bugzilla.redhat.com/show_bug.cgi?id=2073518)
+- [logging - Logging - RFE - support template, severity and facility options](https://bugzilla.redhat.com/show_bug.cgi?id=2075116)
+- [metrics - consistently use ansible_managed in configuration files managed by role [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2065215)
+- [metrics - [RFE] add an option to the metrics role to enable postfix metric collection](https://bugzilla.redhat.com/show_bug.cgi?id=2079114)
+- [network - [RFE] Extend rhel-system-roles.network feature set to support routing rules](https://bugzilla.redhat.com/show_bug.cgi?id=1996731)
+- [network - consistently use ansible_managed in configuration files managed by role [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2065670)
+- [postfix - consistently use ansible_managed in configuration files managed by role [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2065216)
+- [postfix - Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2065218)
+
+### Bug Fixes
+
+- [firewall - Firewall system role Ansible deprecation warning related to "include"](https://bugzilla.redhat.com/show_bug.cgi?id=2078650)
+- [kernel_settings - error configobj not found on RHEL 8.6 managed hosts [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2060378)
+- [metrics - Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2060377)
+- [nbde_client - NBDE client system role does not support servers with static IP addresses [rhel-8.7.0]](https://bugzilla.redhat.com/show_bug.cgi?id=2071011)
+- [network - bond: fix typo in supporting the infiniband ports in active-backup mode](https://bugzilla.redhat.com/show_bug.cgi?id=2064067)
+- [sshd - FIPS mode detection in SSHD role is wrong](https://bugzilla.redhat.com/show_bug.cgi?id=2075338)
+- [storage - RFE storage Less verbosity by default](https://bugzilla.redhat.com/show_bug.cgi?id=2056480)
+- [tlog - Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default](https://bugzilla.redhat.com/show_bug.cgi?id=2072749)
+
+[1.16.3] - 2022-04-07
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [tlog - Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default](https://bugzilla.redhat.com/show_bug.cgi?id=2072749)
+
+[1.16.2] - 2022-04-06
+----------------------------
+
+### New Features
+
+- [nbde_client - NBDE client system role does not support servers with static IP addresses](https://bugzilla.redhat.com/show_bug.cgi?id=1985022)
+
+### Bug Fixes
+
+- none
+
+[1.16.1] - 2022-03-29
+----------------------------
+
+### New Features
+
+- [nbde_client - NBDE client system role does not support servers with static IP addresses](https://bugzilla.redhat.com/show_bug.cgi?id=1985022)
+
+### Bug Fixes
+
+- none
+
+[1.16.0] - 2022-03-22
+----------------------------
+
+### New Features
+
+- [network - consistently use ansible_managed in configuration files managed by role](https://bugzilla.redhat.com/show_bug.cgi?id=2057656)
+- [metrics - consistently use ansible_managed in configuration files managed by role](https://bugzilla.redhat.com/show_bug.cgi?id=2057645)
+- [postfix - consistently use ansible_managed in configuration files managed by role](https://bugzilla.redhat.com/show_bug.cgi?id=2057661)
+- [postfix - Postfix RHEL System Role should provide the ability to replace config and reset configuration back to default](https://bugzilla.redhat.com/show_bug.cgi?id=2044657)
+
+### Bug Fixes
+
+- [network - bond: fix typo in supporting the infiniband ports in active-backup mode](https://bugzilla.redhat.com/show_bug.cgi?id=2064388)
+
+[1.15.1] - 2022-03-03
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [kernel_settings - error configobj not found on RHEL 8.6 managed hosts](https://bugzilla.redhat.com/show_bug.cgi?id=2058772)
+- [timesync - timesync: basic-smoke test failure in timesync/tests_ntp.yml](https://bugzilla.redhat.com/show_bug.cgi?id=2058645)
+
+[1.15.0] - 2022-03-01
+----------------------------
+
+### New Features
+
+- [firewall - [RFE] - Firewall RHEL System Role should be able to set default zone](https://bugzilla.redhat.com/show_bug.cgi?id=2022458)
+
+### Bug Fixes
+
+- [metrics - Metrics role, with "metrics_from_mssql" option does not configure /var/lib/pcp/pmdas/mssql/mssql.conf on first run](https://bugzilla.redhat.com/show_bug.cgi?id=2058655)
+- [firewall - ensure target changes take effect immediately](https://bugzilla.redhat.com/show_bug.cgi?id=2057172)
+
+[1.14.0] - 2022-02-14
+----------------------------
+
+### New Features
+
+- [network - [RFE] Add more bonding options to rhel-system-roles.network](https://bugzilla.redhat.com/show_bug.cgi?id=2008931)
+- [certificate - should consistently use ansible_managed in hook scripts](https://bugzilla.redhat.com/show_bug.cgi?id=2054364)
+- [tlog - consistently use ansible_managed in configuration files managed by role](https://bugzilla.redhat.com/show_bug.cgi?id=2054363)
+- [vpn - consistently use ansible_managed in configuration files managed by role](https://bugzilla.redhat.com/show_bug.cgi?id=2054365)
+
+### Bug Fixes
+
+- [ha_cluster - set permissions for haclient group](https://bugzilla.redhat.com/show_bug.cgi?id=2049747)
+
+[1.13.1] - 2022-02-08
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [vpn - vpn: template error while templating string: no filter named 'vpn_ipaddr'](https://bugzilla.redhat.com/show_bug.cgi?id=2050341)
+- [kdump - kdump: Unable to start service kdump: Job for kdump.service failed because the control process exited with error code.](https://bugzilla.redhat.com/show_bug.cgi?id=2052105)
+
+[1.13.0] - 2022-02-01
+----------------------------
+
+### New Features
+
+- [storage - RFE: Add support for RAID volumes (lvm-only)](https://bugzilla.redhat.com/show_bug.cgi?id=2016514)
+- [storage - RFE: Add support for cached volumes (lvm-only)](https://bugzilla.redhat.com/show_bug.cgi?id=2016511)
+- [nbde_client - NBDE client system role does not support servers with static IP addresses](https://bugzilla.redhat.com/show_bug.cgi?id=1985022)
+- [ha_cluster - [RFE] ha_cluster - Support for creating resource constraints (Location, Ordering, etc.)](https://bugzilla.redhat.com/show_bug.cgi?id=2041635)
+- [network - RFE: Support Routing Tables in static routes in Network Role](https://bugzilla.redhat.com/show_bug.cgi?id=2031521)
+
+### Bug Fixes
+
+- [metrics - role can't be re-run if the Grafana admin password has been changed](https://bugzilla.redhat.com/show_bug.cgi?id=1967321)
+- [network - Failure to activate connection: nm-manager-error-quark: No suitable device found for this connection](https://bugzilla.redhat.com/show_bug.cgi?id=2034908)
+- [network - Set DNS search setting only for enabled IP protocols](https://bugzilla.redhat.com/show_bug.cgi?id=2041627)
+
+[1.12.0] - 2022-01-27
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [logging - Logging role "logging_purge_confs" option not properly working](https://bugzilla.redhat.com/show_bug.cgi?id=2040812)
+- [kernel_settings - role should use ansible_managed in its configuration file](https://bugzilla.redhat.com/show_bug.cgi?id=2047504)
+
+[1.11.0] - 2022-01-20
+----------------------------
+
+### New Features
+
+- [Support ansible-core 2.11+](https://bugzilla.redhat.com/show_bug.cgi?id=2012316)
+- [cockpit - Please include "cockpit" role](https://bugzilla.redhat.com/show_bug.cgi?id=2021661)
+- [ssh - ssh/tests_all_options.yml: "assertion": "'StdinNull yes' in config.content | b64decode ", failure](https://bugzilla.redhat.com/show_bug.cgi?id=2029614)
+
+### Bug Fixes
+
+- [timesync - timesync: Failure related to missing ntp/ntpd package/service on RHEL-9 host](https://bugzilla.redhat.com/show_bug.cgi?id=2029463)
+- [logging - role missing quotes for immark module interval value](https://bugzilla.redhat.com/show_bug.cgi?id=2021678)
+- [kdump - kdump: support reboot required and reboot ok](https://bugzilla.redhat.com/show_bug.cgi?id=2029605)
+- [sshd - should detect FIPS mode and handle tasks correctly in FIPS mode](https://bugzilla.redhat.com/show_bug.cgi?id=1979714)
+
+[1.10.0] - 2021-11-08
+----------------------------
+
+### New Features
+
+- [cockpit - Please include "cockpit" role](https://bugzilla.redhat.com/show_bug.cgi?id=2021661)
+- [firewall - Ansible Roles for RHEL Firewall](https://bugzilla.redhat.com/show_bug.cgi?id=1854988)
+- [firewall - RFE: firewall-system-role: add ability to add-source](https://bugzilla.redhat.com/show_bug.cgi?id=1932678)
+- [firewall - RFE: firewall-system-role: allow user defined zones](https://bugzilla.redhat.com/show_bug.cgi?id=1850768)
+- [firewall - RFE: firewall-system-role: allow specifying the zone](https://bugzilla.redhat.com/show_bug.cgi?id=1850753)
+- [Support ansible-core 2.11+](https://bugzilla.redhat.com/show_bug.cgi?id=2012316)
+- [network - role: Allow to specify PCI address to configure profiles](https://bugzilla.redhat.com/show_bug.cgi?id=1695634)
+- [network - [RFE] support wifi Enhanced Open (OWE)](https://bugzilla.redhat.com/show_bug.cgi?id=1993379)
+- [network - [RFE] support WPA3 Simultaneous Authentication of Equals(SAE)](https://bugzilla.redhat.com/show_bug.cgi?id=1993311)
+- [network - [Network] RFE: Support ignoring default gateway retrieved by DHCP/IPv6-RA](https://bugzilla.redhat.com/show_bug.cgi?id=1897565)
+- [logging - [RFE]  logging - Add user and password](https://bugzilla.redhat.com/show_bug.cgi?id=2010327)
+
+### Bug Fixes
+
+- [Replace `# {{ ansible_managed }}` with `{{ ansible_managed | comment }}`](https://bugzilla.redhat.com/show_bug.cgi?id=2006230)
+- [logging - role missing quotes for immark module interval value](https://bugzilla.redhat.com/show_bug.cgi?id=2021678)
+- [logging - Logging - Performance improvement](https://bugzilla.redhat.com/show_bug.cgi?id=2005727)
+- [nbde_client - add regenerate-all to the dracut command](https://bugzilla.redhat.com/show_bug.cgi?id=2021682)
+- [certificate - certificates: "group" option keeps certificates inaccessible to the group](https://bugzilla.redhat.com/show_bug.cgi?id=2021683)
+
+[1.7.3] - 2021-08-26
+----------------------------
+
+### New Features
+
+- [storage - RFE: Request that VDO be added to the Ansible (redhat-system-roles)](https://bugzilla.redhat.com/show_bug.cgi?id=1978488)
+
+### Bug Fixes
+
+- none
+
+[1.7.2] - 2021-08-24
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [logging - Update the certificates copy tasks](https://bugzilla.redhat.com/show_bug.cgi?id=1996777)
+
+[1.7.1] - 2021-08-16
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [metrics - role: the bpftrace role does not properly configure bpftrace agent](https://bugzilla.redhat.com/show_bug.cgi?id=1994180)
+
+[1.7.0] - 2021-08-12
+----------------------------
+
+### New Features
+
+- [drop support for Ansible 2.8](https://bugzilla.redhat.com/show_bug.cgi?id=1989197)
+
+### Bug Fixes
+
+- [sshd - sshd: failed to validate: error:Missing Match criteria for all Bad Match condition](https://bugzilla.redhat.com/show_bug.cgi?id=1991598)
+
+[1.6.6] - 2021-08-06
+----------------------------
+
+### New Features
+
+- [logging - [RFE] logging - Add a support for list value to server_host in the elasticsearch output](https://bugzilla.redhat.com/show_bug.cgi?id=1986460)
+
+### Bug Fixes
+
+- none
+
+[1.6.2] - 2021-07-30
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [metrics - role: Grafana dashboard not working after metrics role run unless services manually restarted](https://bugzilla.redhat.com/show_bug.cgi?id=1984150)
+
+[1.6.0] - 2021-07-28
+----------------------------
+
+### New Features
+
+- [storage - [RFE] storage: support volume sizes as a percentage of pool](https://bugzilla.redhat.com/show_bug.cgi?id=1984583)
+
+### Bug Fixes
+
+- none
+
+[1.5.0] - 2021-07-15
+----------------------------
+
+### New Features
+
+- [ha_cluster - RFE: ha_cluster - add pacemaker cluster properties configuration](https://bugzilla.redhat.com/show_bug.cgi?id=1982913)
+
+### Bug Fixes
+
+- none
+
+[1.4.3] - 2021-07-15
+----------------------------
+
+### New Features
+
+- [crypto_policies - rename 'policy modules' to 'subpolicies'](https://bugzilla.redhat.com/show_bug.cgi?id=1982896)
+
+### Bug Fixes
+
+- none
+
+[1.4.2] - 2021-07-15
+----------------------------
+
+### New Features
+
+- [storage - storage: relabel doesn't support](https://bugzilla.redhat.com/show_bug.cgi?id=1876315)
+
+### Bug Fixes
+
+- none
+
+[1.4.1] - 2021-07-09
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [network - Re-running the network system role results in "changed: true" when nothing has actually changed](https://bugzilla.redhat.com/show_bug.cgi?id=1943384)
+
+[1.4.0] - 2021-07-08
+----------------------------
+
+### New Features
+
+- [storage - RFE: Request that VDO be added to the Ansible (redhat-system-roles)](https://bugzilla.redhat.com/show_bug.cgi?id=1882475)
+
+### Bug Fixes
+
+- none
+
+[1.3.0] - 2021-06-23
+----------------------------
+
+### New Features
+
+- [ha_cluster - RFE: add pacemaker resources configuration](https://bugzilla.redhat.com/show_bug.cgi?id=1963283)
+- [network - [Network] RFE: Support ignoring default gateway retrieved by DHCP/IPv6-RA](https://bugzilla.redhat.com/show_bug.cgi?id=1897565)
+- [storage - RFE: Request that VDO be added to the Ansible (redhat-system-roles)](https://bugzilla.redhat.com/show_bug.cgi?id=1882475)
+- [sshd - RFE: sshd - support for appending a snippet to configuration file](https://bugzilla.redhat.com/show_bug.cgi?id=1970642)
+- [timesync - RFE: timesync support for Network Time Security (NTS)](https://bugzilla.redhat.com/show_bug.cgi?id=1970664)
+
+### Bug Fixes
+
+- [postfix - Postfix RHEL system role README.md missing variables under the "Role Variables" section](https://bugzilla.redhat.com/show_bug.cgi?id=1961858)
+- [postfix - the postfix role is not idempotent](https://bugzilla.redhat.com/show_bug.cgi?id=1960375)
+- [selinux - task for semanage says Fedora in name but also runs on RHEL/CentOS 8](https://bugzilla.redhat.com/show_bug.cgi?id=1966681)
+- [metrics - role task to enable logging for targeted hosts not working](https://bugzilla.redhat.com/show_bug.cgi?id=1967335)
+- [sshd ssh - Unable to set sshd_hostkey_group and sshd_hostkey_mode](https://bugzilla.redhat.com/show_bug.cgi?id=1966711)
+
+[1.2.3] - 2021-06-17
+----------------------------
+
+### New Features
+
+- [main.yml: Add EL 9 support for all roles](https://bugzilla.redhat.com/show_bug.cgi?id=1952887)
+
+### Bug Fixes
+
+- none
+
+[1.2.2] - 2021-06-15
+----------------------------
+
+### New Features
+
+- [timesync - Add hybrid_e2e option to PTP domain](https://bugzilla.redhat.com/show_bug.cgi?id=1957849)
+
+### Bug Fixes
+
+- [Internal links in README.md are broken](https://bugzilla.redhat.com/show_bug.cgi?id=1962976)
+- [ha_cluster - cannot read preshared key in binary format](https://bugzilla.redhat.com/show_bug.cgi?id=1952620)
+
+[1.2.1] - 2021-05-21
+----------------------------
+
+### New Features
+
+- none
+
+### Bug Fixes
+
+- [Internal links in README.md are broken](https://bugzilla.redhat.com/show_bug.cgi?id=1962976)
+
+[1.2.0] - 2021-05-17
+----------------------------
+
+### New Features
+
+- [network - role: Support ethtool -G|--set-ring options](https://bugzilla.redhat.com/show_bug.cgi?id=1959649)
+
+### Bug Fixes
+
+- [postfix - postfix: Use FQRN in README](https://bugzilla.redhat.com/show_bug.cgi?id=1958963)
+- [postfix - Documentation error in rhel-system-roles postfix readme file](https://bugzilla.redhat.com/show_bug.cgi?id=1866544)
+- [storage - storage: calltrace observed when set type: partition for storage_pools](https://bugzilla.redhat.com/show_bug.cgi?id=1854187)
+
+[1.1.0] - 2021-05-13
+----------------------------
+
+### New Features
+
+- [timesync - [RFE] support for free form configuration for chrony](https://bugzilla.redhat.com/show_bug.cgi?id=1938023)
+- [timesync - [RFE] support for timesync_max_distance to configure maxdistance/maxdist parameter](https://bugzilla.redhat.com/show_bug.cgi?id=1938016)
+- [timesync - [RFE] support for ntp xleave, filter, and hw timestamping](https://bugzilla.redhat.com/show_bug.cgi?id=1938020)
+- [selinux - [RFE] Ability to install custom SELinux module via Ansible](https://bugzilla.redhat.com/show_bug.cgi?id=1848683)
+- [network - support for ipv6_disabled to disable ipv6 for address](https://bugzilla.redhat.com/show_bug.cgi?id=1939711)
+- [vpn - [RFE] Release Ansible role for vpn in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1943679)
+
+### Bug Fixes
+
+- [Bug fixes for Collection/Automation Hub](https://bugzilla.redhat.com/show_bug.cgi?id=1954747)
+- [timesync - do not use ignore_errors in timesync role](https://bugzilla.redhat.com/show_bug.cgi?id=1938014)
+- [selinux - rhel-system-roles should not reload the SELinux policy if its not changed](https://bugzilla.redhat.com/show_bug.cgi?id=1757869)
+
+[1.0.0] - 2021-02-23
+----------------------------
+
+### New Features
+
+- [network - RFE: [network] Support of DNS with options](https://bugzilla.redhat.com/show_bug.cgi?id=1893959)
+- [network - RFE: [network] Embrace Inclusive language](https://bugzilla.redhat.com/show_bug.cgi?id=1893957)
+- [ssh - [8.4] [RFE] Release Ansible role for ssh client in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1893712)
+- [clusterha - [8.4] [RFE] Release Ansible role for cluster HA in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1893743)
+- [logging - Logging - Support RELP secure transport in the logging role configuration](https://bugzilla.redhat.com/show_bug.cgi?id=1889484)
+- [metrics - [8.4] [RFE] add exporting-metric-data-to-elasticsearch functionality in the metrics role](https://bugzilla.redhat.com/show_bug.cgi?id=1895188)
+- [metrics - release SQL server configuration support in the metrics role](https://bugzilla.redhat.com/show_bug.cgi?id=1893908)
+- [[8.4] Package rhel-system-roles in the collection format in addition to the legacy role format](https://bugzilla.redhat.com/show_bug.cgi?id=1893906)
+
+### Bug Fixes
+
+- [logging - Logging - Integrating ELK with RHV-4.4 fails as RHVH is missing 'rsyslog-gnutls' package.](https://bugzilla.redhat.com/show_bug.cgi?id=1927943)
+- [storage - storage: omitted parameters on existing pool/volume is interpreted as "use the default"](https://bugzilla.redhat.com/show_bug.cgi?id=1894651)
+- [storage - storage: must list disks in order to identify an existing pool](https://bugzilla.redhat.com/show_bug.cgi?id=1894676)
+- [storage - storage: pool metadata usage must be accounted for by the user](https://bugzilla.redhat.com/show_bug.cgi?id=1894647)
+- [selinux - Merged fix incorrect default value (there is no variable named "present")](https://bugzilla.redhat.com/show_bug.cgi?id=1926947)
+- [storage - storage: tests_luks.yml partition case failed with nvme disk](https://bugzilla.redhat.com/show_bug.cgi?id=1865990)
+
+[1.0] - 2021-01-15
+----------------------------
+
+### New Features
+
+- [tlog - Add exclude_users and exclude_groups support](https://bugzilla.redhat.com/show_bug.cgi?id=1895472)
+- [crypto_policies - [8.4] [RFE] Release Ansible role for crypto policies in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1893699)
+- [sshd - [8.4] [RFE] Release Ansible role for sshd in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1893696)
+- [metrics - role should automate the setup of Grafana datasources](https://bugzilla.redhat.com/show_bug.cgi?id=1855544)
+- [network role: Support -K|--features|--offload ethtool options](https://bugzilla.redhat.com/show_bug.cgi?id=1696703)
+- [network role: Atomic changes](https://bugzilla.redhat.com/show_bug.cgi?id=1695161)
+
+### Bug Fixes
+
+- [storage - safe mode of storage role does not prevent accidentally losing data when toggling encryption on a volume, disk or pool](https://bugzilla.redhat.com/show_bug.cgi?id=1881524)
+- [storage - storage: ext2/3/4 resize function doesn't work](https://bugzilla.redhat.com/show_bug.cgi?id=1862867)
+- [logging - [logging role] cannot setup machine with tls](https://bugzilla.redhat.com/show_bug.cgi?id=1861318)
+- [certificate - role: The role is not idempotent in rhel7](https://bugzilla.redhat.com/show_bug.cgi?id=1859547)
+- [logging - Logging - Bug fixes](https://bugzilla.redhat.com/show_bug.cgi?id=1854546)
+- [logging - [logging role] support scenario for client without key/cert, just CA cert](https://bugzilla.redhat.com/show_bug.cgi?id=1860896)
+- [metrics - role incorrectly sets up multiple primary pmie processes in multi-host mode](https://bugzilla.redhat.com/show_bug.cgi?id=1855539)
+- [certificate - role cannot manage EL7 hosts](https://bugzilla.redhat.com/show_bug.cgi?id=1848745)
+- [network - [network] Support state:down persistent_state:absent for non-existent profile](https://bugzilla.redhat.com/show_bug.cgi?id=1822777)
+- [network - Creating active bonded interface fails with the initscripts provider](https://bugzilla.redhat.com/show_bug.cgi?id=1848472)
+- [logging - Logging role had performance issues](https://bugzilla.redhat.com/show_bug.cgi?id=1848762)
+- [certificate - role does not work on controller hosts which use jinja2 2.10](https://bugzilla.redhat.com/show_bug.cgi?id=1848742)
+- [nbde_client - fix idempotency, check_mode issues with nbde_client role](https://bugzilla.redhat.com/show_bug.cgi?id=1848766)
+- [storage - Storage role can remove existing filesystems and volume groups without warning](https://bugzilla.redhat.com/show_bug.cgi?id=1763242)
+- [network role: Minimize service disruption](https://bugzilla.redhat.com/show_bug.cgi?id=1695157)
+- [typo in selinux/tests/tests_selinux_disabled.yml: Invalid options for assert: mgs](https://bugzilla.redhat.com/show_bug.cgi?id=1677743)
+- [Check mode problems in rhel-system-roles](https://bugzilla.redhat.com/show_bug.cgi?id=1685904)
+
+[0.6] - 2018-05-11
+----------------------------
+
+### New Features
+
+- [RFE: Ansible rhel-system-roles.network: add ETHTOOL_OPTS, LINKDELAY, IPV4_FAILURE_FATAL](https://bugzilla.redhat.com/show_bug.cgi?id=1478576)
+
+### Bug Fixes
+
+- none
--- a/SOURCES/CHANGELOG.rst
+++ b/SOURCES/CHANGELOG.rst
@ -0,0 +1 @@
+See docs/CHANGELOG.md
--- a/SOURCES/ansible-packaging.inc
+++ b/SOURCES/ansible-packaging.inc
@ -0,0 +1,21 @@
+# Helper macros originally from macros.ansible by Igor Raits <ignatenkobrain>
+# This file is for maintaining the compatibility with macros and other
+# functionality (generators) provided by ansible-packaging on Fedora.
+
+Provides: ansible-collection(%{collection_namespace}.%{collection_name}) = %{collection_version}
+
+# ansible-galaxy is available by ansible-core on RHEL 8.6 and newer at buildtime.
+%define ansible_collection_build() ansible-galaxy collection build
+%define ansible_collection_install() ansible-galaxy collection install -n -p %{buildroot}%{_datadir}/ansible/collections %{collection_namespace}-%{collection_name}-%{version}.tar.gz
+
+%define ansible_roles_dir %{_datadir}/ansible/roles
+%define ansible_collections_dir %{_datadir}/ansible/collections/ansible_collections
+
+# TODO: Officially deprecate this macro and add the following line to the macro
+# def after the new approach has gotten more testing and adoption:
+# %%{warn: %%{ansible_collection_files} is deprecated. Use %%files -f %%{ansible_collection_filelist} instead.}
+%define ansible_collection_files %{shrink:
+%{ansible_collections_dir}/%{collection_namespace}/
+}
+
+%define ansible_collection_filelist %{__ansible_builddir}/ansible_collection_files
--- a/SOURCES/collection_readme.sh
+++ b/SOURCES/collection_readme.sh
@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+readme_md=${1:-"lsr_role2collection/collection_readme.md"}
+
+sed -i -e '/## Currently supported distributions/{:1;/## Dependencies/!{N;b 1};s|.*|## Dependencies|}' \
+    -e 's/Linux/Red Hat Enterprise Linux/g' \
+    -e 's/Ansible Galaxy/Automation Hub/g' \
+    -e 's/fedora\(.\)linux_system_roles/redhat\1rhel_system_roles/g' \
+    -e 's/linux-system-roles/rhel-system-roles/g' \
+    -e '/## Documentation/{:a;/## Support/!{N;b a};s|.*|## Documentation\nThe official RHEL System Roles documentation can be found in the [Product Documentation section of the Red Hat Customer Portal](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/administration_and_configuration_tasks_using_system_roles_in_rhel/index).\n\n## Support|}' \
+    -e 's/
$//' \
+    $readme_md
--- a/SOURCES/extrasources.inc
+++ b/SOURCES/extrasources.inc
@ -0,0 +1,10 @@
+Source801: https://galaxy.ansible.com/download/ansible-posix-1.5.4.tar.gz
+Source901: https://galaxy.ansible.com/download/community-general-8.3.0.tar.gz
+Source902: https://galaxy.ansible.com/download/containers-podman-1.12.0.tar.gz
+
+Provides: bundled(ansible-collection(ansible.posix)) = 1.5.4
+Provides: bundled(ansible-collection(community.general)) = 8.3.0
+Provides: bundled(ansible-collection(containers.podman)) = 1.12.0
+
+Source996: CHANGELOG.rst
+Source998: collection_readme.sh
--- a/SOURCES/kdump-tier1-tags.diff
+++ b/SOURCES/kdump-tier1-tags.diff
@ -1,100 +0,0 @@
-diff --git a/tests/commonvars.yml b/tests/commonvars.yml
-new file mode 100644
-index 0000000..2cd3566
--- /dev/null
-+++ b/tests/commonvars.yml
-@@ -0,0 +1,2 @@
-+restore_services:
-+  - kdump
-diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml
-new file mode 100644
-index 0000000..4fe5d36
--- /dev/null
-+++ b/tests/get_services_state.yml
-@@ -0,0 +1,4 @@
-+- name: Get initial state of services
-+  tags: tests::cleanup
-+  service_facts:
-+  register: initial_state
-diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml
-new file mode 100644
-index 0000000..2035dfc
--- /dev/null
-+++ b/tests/restore_services_state.yml
-@@ -0,0 +1,22 @@
-+- block:
-+    - name: load common vars
-+      include_vars:
-+        file: commonvars.yml
-+
-+    - name: Get final state of services
-+      service_facts:
-+      register: final_state
-+
-+    - name: Restore state of services
-+      service:
-+        name: "{{ item }}"
-+        state: "{{ 'started' if
-+                   initial_state.ansible_facts.services[sname]['state']
-+                   == 'running' else 'stopped' }}"
-+      when:
-+         - sname in final_state.ansible_facts.services
-+         - sname in initial_state.ansible_facts.services
-+      vars:
-+        sname: "{{ item + '.service' }}"
-+      with_items: "{{ restore_services }}"
-+  tags: tests::cleanup
-diff --git a/tests/tests_default.yml b/tests/tests_default.yml
-index 4c93830..60d7967 100644
--- a/tests/tests_default.yml
-+++ b/tests/tests_default.yml
-@@ -1,6 +1,18 @@
- 
- - name: Ensure that the rule runs with default parameters
-+  tags:
-+    - 'tests::tier1'
-   hosts: all
- 
-   roles:
-     - kdump
-+
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_default_wrapper.yml b/tests/tests_default_wrapper.yml
-index 2763fbd..617acb3 100644
--- a/tests/tests_default_wrapper.yml
-+++ b/tests/tests_default_wrapper.yml
-@@ -1,6 +1,9 @@
- ---
- - name: Create static inventory from hostvars
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   tasks:
-     - name: create temporary file
-       tempfile:
-@@ -17,10 +20,16 @@
- 
- 
- - name: Run tests_default.yml normally
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   import_playbook: tests_default.yml
- 
- - name: Run tests_default.yml in check_mode
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   tasks:
-     - name: Run ansible-playbook with tests_default.yml in check mode
-       command: ansible-playbook -vvv -i {{ tempinventory.path }} --check tests_default.yml
--- a/SOURCES/md2html.sh
+++ b/SOURCES/md2html.sh
@ -1,6 +0,0 @@
-for file in "$@"; do
-	pandoc -f markdown_github "${file}" -t asciidoc -o "${file%.md}.tmp.adoc" ||exit $?
-	touch -r "${file}" "${file%.md}.tmp.adoc" ||exit $?
-	TZ=UTC asciidoc -o "${file%.md}.html" -a footer-style=none -a toc2 -a source-highlighter=highlight "${file%.md}.tmp.adoc" ||exit $?
-	rm "${file%.md}.tmp.adoc"
-done
--- a/SOURCES/network-permissions.diff
+++ b/SOURCES/network-permissions.diff
@ -1,6 +0,0 @@
-diff --git a/library/network_connections.py b/library/network_connections.py
-old mode 100755
-new mode 100644
-diff --git a/tests/unit/test_network_connections.py b/tests/unit/test_network_connections.py
-old mode 100755
-new mode 100644
--- a/SOURCES/network-tier1-tags.diff
+++ b/SOURCES/network-tier1-tags.diff
@ -1,551 +0,0 @@
-diff --git a/tests/commonvars.yml b/tests/commonvars.yml
-new file mode 100644
-index 0000000..50452f7
--- /dev/null
-+++ b/tests/commonvars.yml
-@@ -0,0 +1,2 @@
-+restore_services:
-+  - NetworkManager
-diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml
-new file mode 100644
-index 0000000..4fe5d36
--- /dev/null
-+++ b/tests/get_services_state.yml
-@@ -0,0 +1,4 @@
-+- name: Get initial state of services
-+  tags: tests::cleanup
-+  service_facts:
-+  register: initial_state
-diff --git a/tests/playbooks/tests_states.yml b/tests/playbooks/tests_states.yml
-index 7a1e207..3c1f65d 100644
--- a/tests/playbooks/tests_states.yml
-+++ b/tests/playbooks/tests_states.yml
-@@ -1,6 +1,8 @@
- # SPDX-License-Identifier: BSD-3-Clause
- ---
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     interface: statebr
-     profile: "{{ interface }}"
-@@ -22,6 +24,8 @@
-             ip:
-               dhcp4: false
-               auto6: false
-+      tags:
-+        - 'tests::net::bridge'
-     - include_tasks: tasks/assert-device_present.yml
-     - include_tasks: tasks/assert-profile_present.yml
- 
-@@ -47,3 +51,28 @@
-             state: down
-     - include_tasks: tasks/assert-device_absent.yml
-     - include_tasks: tasks/assert-profile_absent.yml
-+
-+  pre_tasks:
-+    - name: Save host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: "../save_state.yml"
-+
-+  post_tasks:
-+    - name: Remove test profile
-+      tags:
-+        - 'tests::cleanup'
-+        - 'tests::tier1::cleanup'
-+        - 'tests::net::bridge::cleanup'
-+      import_role:
-+        name: linux-system-roles.network
-+      vars:
-+        network_connections:
-+          - name: statebr
-+            state: down
-+            persistent_state: absent
-+
-+    - name: Restore host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: "../restore_state.yml"
-diff --git a/tests/playbooks/tests_vlan_mtu.yml b/tests/playbooks/tests_vlan_mtu.yml
-index ae0322e..bf6e518 100644
--- a/tests/playbooks/tests_vlan_mtu.yml
-+++ b/tests/playbooks/tests_vlan_mtu.yml
-@@ -1,6 +1,8 @@
- # SPDX-License-Identifier: BSD-3-Clause
- ---
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     type: veth
-     interface: lsr101
-@@ -10,6 +12,8 @@
-     - include_tasks: tasks/manage-test-interface.yml
-       vars:
-         state: present
-+      tags:
-+        - 'tests::net::veth'
-     - include_tasks: tasks/assert-device_present.yml
-     - name: "TEST: I can configure the MTU for a vlan interface without autoconnect."
-       debug:
-@@ -37,6 +41,8 @@
-             ip:
-               dhcp4: false
-               auto6: false
-+      tags:
-+        - 'tests::net::reconf'
-     - include_tasks: tasks/assert-device_present.yml
-       vars:
-         interface: "{{ vlan_interface }}"
-@@ -61,6 +67,26 @@
-             persistent_state: absent
-             state: down
-       ignore_errors: true
-+      tags:
-+        - 'tests::cleanup'
-+        - 'tests::tier1::cleanup'
-+        - 'tests::net::veth::cleanup'
-     - include_tasks: tasks/manage-test-interface.yml
-       vars:
-         state: absent
-+      tags:
-+        - 'tests::cleanup'
-+        - 'tests::tier1::cleanup'
-+        - 'tests::net::veth::cleanup'
-+
-+  pre_tasks:
-+    - name: Save host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: "../save_state.yml"
-+
-+  post_tasks:
-+    - name: Restore host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: "../restore_state.yml"
-diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml
-new file mode 100644
-index 0000000..2035dfc
--- /dev/null
-+++ b/tests/restore_services_state.yml
-@@ -0,0 +1,22 @@
-+- block:
-+    - name: load common vars
-+      include_vars:
-+        file: commonvars.yml
-+
-+    - name: Get final state of services
-+      service_facts:
-+      register: final_state
-+
-+    - name: Restore state of services
-+      service:
-+        name: "{{ item }}"
-+        state: "{{ 'started' if
-+                   initial_state.ansible_facts.services[sname]['state']
-+                   == 'running' else 'stopped' }}"
-+      when:
-+         - sname in final_state.ansible_facts.services
-+         - sname in initial_state.ansible_facts.services
-+      vars:
-+        sname: "{{ item + '.service' }}"
-+      with_items: "{{ restore_services }}"
-+  tags: tests::cleanup
-diff --git a/tests/restore_state.yml b/tests/restore_state.yml
-new file mode 100644
-index 0000000..f4e3d5f
--- /dev/null
-+++ b/tests/restore_state.yml
-@@ -0,0 +1,24 @@
-+---
-+- name: Remove /etc/sysconfig/network if there was no one
-+  tags:
-+    - 'tests::cleanup'
-+  file:
-+    path: /etc/sysconfig/network
-+    state: absent
-+  when:
-+    - etc_sysconfig_network_stat is defined
-+    - not etc_sysconfig_network_stat.stat.exists
-+
-+- name: Restore services
-+  import_tasks: restore_services_state.yml
-+
-+- name: reload NetworkManager
-+  tags:
-+    - 'tests::cleanup'
-+  command: nmcli connection reload
-+  when:
-+    - sname in final_state.ansible_facts.services
-+    - sname in initial_state.ansible_facts.services
-+    - final_state.ansible_facts.services[sname]['state'] == 'running'
-+  vars:
-+    sname: NetworkManager.service
-diff --git a/tests/save_state.yml b/tests/save_state.yml
-new file mode 100644
-index 0000000..5690aed
--- /dev/null
-+++ b/tests/save_state.yml
-@@ -0,0 +1,11 @@
-+---
-+- name: Get services state
-+  import_tasks: get_services_state.yml
-+
-+- name: Investigate /etc/sysconfig/network presence
-+  tags:
-+    - 'tests::cleanup'
-+  stat:
-+    path: /etc/sysconfig/network
-+  register: etc_sysconfig_network_stat
-+  ignore_errors: yes
-diff --git a/tests/tests_bridge.yml b/tests/tests_bridge.yml
-index 9ead308..394d392 100644
--- a/tests/tests_bridge.yml
-+++ b/tests/tests_bridge.yml
-@@ -1,7 +1,17 @@
- # SPDX-License-Identifier: BSD-3-Clause
- ---
-+- name: Save host state
-+  hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::tier1::cleanup'
-+  tasks:
-+    - import_tasks: save_state.yml
-+
- - name: Test configuring bridges
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     interface: LSR-TST-br31
- 
-@@ -14,6 +24,9 @@
- 
- - name: Add test bridge
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::net::bridge'
-   vars:
-     network_connections:
-       - name: "{{ interface }}"
-@@ -27,24 +40,40 @@
-     - linux-system-roles.network
- 
- - import_playbook: run-tasks.yml
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     task: tasks/assert-device_present.yml
- 
- - import_playbook: run-tasks.yml
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     profile: "{{ interface }}"
-     task: tasks/assert-profile_present.yml
- 
- - import_playbook: down-profile.yml
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-+    - 'tests::net::bridge::cleanup'
-   vars:
-     profile: "{{ interface }}"
- # FIXME: assert profile/device down
- 
- - import_playbook: remove-profile.yml
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-+    - 'tests::net::bridge::cleanup'
-   vars:
-     profile: "{{ interface }}"
- 
- - import_playbook: run-tasks.yml
-+  tags:
-+    - 'tests::tier1'
-   vars:
-     profile: "{{ interface }}"
-     task: tasks/assert-profile_absent.yml
-@@ -53,3 +82,22 @@
- #- import_playbook: run-tasks.yml
- #  vars:
- #    task: tasks/assert-device_absent.yml
-+
-+- name: Remove test bridge
-+  hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-+    - 'tests::net::bridge::cleanup'
-+  tasks:
-+    - command: 'ip link delete "{{ interface }}"'
-+      ignore_errors: yes
-+
-+- name: Restore host state
-+  hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::tier1::cleanup'
-+  tasks:
-+    - import_tasks: restore_state.yml
-diff --git a/tests/tests_bridge_other_provider.yml b/tests/tests_bridge_other_provider.yml
-index e5a4ad7..4d1d2dd 100644
--- a/tests/tests_bridge_other_provider.yml
-+++ b/tests/tests_bridge_other_provider.yml
-@@ -1,6 +1,8 @@
- ---
- - hosts: all
-   name: Run playbook 'tests_bridge.yml' with non-default provider
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-   - name: Get service facts
-     service_facts: null
-diff --git a/tests/tests_default.yml b/tests/tests_default.yml
-index fda6ed5..0ce3ab9 100644
--- a/tests/tests_default.yml
-+++ b/tests/tests_default.yml
-@@ -2,5 +2,19 @@
- ---
- - name: Test executing the role with default parameters
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-   roles:
-     - linux-system-roles.network
-+
-+  pre_tasks:
-+    - name: Save host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: save_state.yml
-+
-+  post_tasks:
-+    - name: Restore host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: restore_state.yml
-diff --git a/tests/tests_default_other_provider.yml b/tests/tests_default_other_provider.yml
-index 697bc57..0c70dac 100644
--- a/tests/tests_default_other_provider.yml
-+++ b/tests/tests_default_other_provider.yml
-@@ -1,6 +1,8 @@
- ---
- - hosts: all
-   name: Run playbook 'tests_default.yml' with non-default provider
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-   - name: Get service facts
-     service_facts: null
-diff --git a/tests/tests_ethernet.yml b/tests/tests_ethernet.yml
-index 25f117d..c85f853 100644
--- a/tests/tests_ethernet.yml
-+++ b/tests/tests_ethernet.yml
-@@ -1,6 +1,16 @@
- # SPDX-License-Identifier: BSD-3-Clause
- ---
-+- name: Save host state
-+  hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::tier1::cleanup'
-+  tasks:
-+    - import_tasks: save_state.yml
-+
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - debug:
-         msg: Inside ethernet tests
-@@ -9,6 +19,9 @@
- 
- - name: Test configuring ethernet devices
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::net::veth'
-   vars:
-     type: veth
-     interface: lsr27
-@@ -18,6 +31,7 @@
-       set_fact:
-         type: "{{ type }}"
-         interface: "{{ interface }}"
-+#        cacheable: yes
-     - include_tasks: tasks/show-interfaces.yml
-     - include_tasks: tasks/manage-test-interface.yml
-       vars:
-@@ -26,6 +40,9 @@
- 
- - name: Test static interface up
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::net::reconf'
-   vars:
-     network_connections:
-       - name: "{{ interface }}"
-@@ -39,6 +56,8 @@
-     - linux-system-roles.network
- 
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - debug:
-         var: network_provider
-@@ -46,17 +65,38 @@
- # FIXME: assert profile present
- # FIXME: assert profile/device up + IP address
- - import_playbook: down-profile.yml
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-   vars:
-     profile: "{{ interface }}"
- # FIXME: assert profile/device down
- - import_playbook: remove-profile.yml
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-   vars:
-     profile: "{{ interface }}"
- # FIXME: assert profile away
- - name: Remove interfaces
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::cleanup'
-+    - 'tests::tier1::cleanup'
-+    - 'tests::net::veth::cleanup'
-   tasks:
-     - include_tasks: tasks/manage-test-interface.yml
-       vars:
-         state: absent
-     - include_tasks: tasks/assert-device_absent.yml
-+
-+- name: Restore host state
-+  hosts: all
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::tier1::cleanup'
-+  tasks:
-+    - import_tasks: restore_state.yml
-diff --git a/tests/tests_ethernet_other_provider.yml b/tests/tests_ethernet_other_provider.yml
-index 456b052..5a5dbb0 100644
--- a/tests/tests_ethernet_other_provider.yml
-+++ b/tests/tests_ethernet_other_provider.yml
-@@ -1,6 +1,8 @@
- ---
- - hosts: all
-   name: Run playbook 'tests_ethernet.yml' with non-default provider
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-   - name: Get service facts
-     service_facts: null
-diff --git a/tests/tests_helpers-and-asserts.yml b/tests/tests_helpers-and-asserts.yml
-index 36f02c2..b44599a 100644
--- a/tests/tests_helpers-and-asserts.yml
-+++ b/tests/tests_helpers-and-asserts.yml
-@@ -2,6 +2,8 @@
- ---
- - name: Check that creating and removing test devices and assertions work
-   hosts: all
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - name: test veth interface management
-       include_tasks: tasks/create-and-remove-interface.yml
-@@ -15,6 +17,18 @@
-         type: dummy
-         interface: dummy1298
- 
-+  pre_tasks:
-+    - name: Save host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: save_state.yml
-+
-+  post_tasks:
-+    - name: Restore host state
-+      tags:
-+        - 'tests::tier1::cleanup'
-+      import_tasks: restore_state.yml
-+
- # FIXME: when: does not seem to work with include_tasks, therefore this cannot be safely tested for now
- #    - name: test tap interfaces
- #      include_tasks: tasks/create-and-remove-interface.yml
-diff --git a/tests/tests_states.yml b/tests/tests_states.yml
-index eff3436..46cfe87 100644
--- a/tests/tests_states.yml
-+++ b/tests/tests_states.yml
-@@ -1,6 +1,8 @@
- ---
- # empty playbook to gather facts for import_playbook when clause
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
- 
- # workaround for: https://github.com/ansible/ansible/issues/27973
- # There is no way in Ansible to abort a playbook hosts with specific OS
-diff --git a/tests/tests_unit.yml b/tests/tests_unit.yml
-index c6ea4ef..8d56cf4 100644
--- a/tests/tests_unit.yml
-+++ b/tests/tests_unit.yml
-@@ -2,6 +2,8 @@
- ---
- - hosts: all
-   name: Setup for test running
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - name: Install EPEL on enterprise Linux for python2-mock
-       command: yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm
-@@ -27,6 +29,8 @@
- 
- - hosts: all
-   name: execute python unit tests
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - name: Copy python modules
-       copy:
-diff --git a/tests/tests_vlan_mtu_initscripts.yml b/tests/tests_vlan_mtu_initscripts.yml
-index a57db4b..d3a48c7 100644
--- a/tests/tests_vlan_mtu_initscripts.yml
-+++ b/tests/tests_vlan_mtu_initscripts.yml
-@@ -1,6 +1,8 @@
- ---
- # set network provider and gather facts
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - name: Set network provider to 'initscripts'
-       set_fact:
-diff --git a/tests/tests_vlan_mtu_nm.yml b/tests/tests_vlan_mtu_nm.yml
-index d830817..68b61b5 100644
--- a/tests/tests_vlan_mtu_nm.yml
-+++ b/tests/tests_vlan_mtu_nm.yml
-@@ -1,6 +1,8 @@
- ---
- # set network provider and gather facts
- - hosts: all
-+  tags:
-+    - 'tests::tier1'
-   tasks:
-     - name: Set network provider to 'nm'
-       set_fact:
--- a/SOURCES/rhel-system-roles-kdump-pr22.diff
+++ b/SOURCES/rhel-system-roles-kdump-pr22.diff
@ -1,80 +0,0 @@
-diff --git a/tasks/ssh.yml b/tasks/ssh.yml
-index 1a4e858..b05d01a 100644
--- a/tasks/ssh.yml
-+++ b/tasks/ssh.yml
-@@ -18,3 +18,15 @@
-     key: "{{ keydata.content|b64decode }}"
-     state: present
-   delegate_to: "{{ kdump_ssh_server }}"
-+
-+- name: Fetch the servers public key
-+  slurp:
-+    src: /etc/ssh/ssh_host_rsa_key.pub
-+  register: serverpubkey
-+  delegate_to: "{{ kdump_ssh_server }}"
-+
-+- name: Add the servers public key to known_hosts on managed node
-+  known_hosts:
-+    key: "{{ kdump_ssh_server_location }} {{ serverpubkey.content | b64decode }}"
-+    name: "{{ kdump_ssh_server_location }}"
-+    path: /etc/ssh/ssh_known_hosts
-diff --git a/templates/kdump.conf.j2 b/templates/kdump.conf.j2
-index bf24210..504ff34 100644
--- a/templates/kdump.conf.j2
-+++ b/templates/kdump.conf.j2
-@@ -1,12 +1,17 @@
- # {{ ansible_managed }}
- 
- {% if kdump_target %}
-{{ kdump_target.type }} {{ kdump_target.location }}
-{% endif %}
-+{% if kdump_target.type == "ssh" %}
-+ssh {{ kdump_target.location | d(kdump_ssh_user ~ '@' ~ kdump_ssh_server) }}
- 
-{% if kdump_target and kdump_target.type == "ssh" and kdump_sshkey != '/root/.ssh/kdump_id_rsa' %}
-+{% if kdump_sshkey != '/root/.ssh/kdump_id_rsa' %}
- sshkey {{ kdump_sshkey }}
- {% endif %}
-+{% else %}
-+{{ kdump_target.type }} {{ kdump_target.location  }}
-+
-+{% endif %}
-+{% endif %}
- 
- path {{ kdump_path }}
- {% if kdump_core_collector %}
-diff --git a/tests/tests_ssh.yml b/tests/tests_ssh.yml
-index 679148e..14a59d9 100644
--- a/tests/tests_ssh.yml
-+++ b/tests/tests_ssh.yml
-@@ -6,6 +6,11 @@
-     # known and ansible is supposed to be configured to be able to
-     # connect to it (via inventory).
-     kdump_ssh_server_outside: localhost
-+    kdump_ssh_source: "{{ ansible_env['SSH_CONNECTION'].split()[0] }}"
-+
-+    # this is the address at which the ssh dump server can be reached
-+    # from the managed host. Dumps will be uploaded there.
-+    kdump_ssh_server_inside: "{{ kdump_ssh_source if kdump_ssh_source in hostvars[kdump_ssh_server_outside]['ansible_all_ipv4_addresses'] + hostvars[kdump_ssh_server_outside]['ansible_all_ipv6_addresses']  else hostvars[kdump_ssh_server_outside]['ansible_default_ipv4']['address'] }}"
- 
-   tasks:
-     - name: gather facts from {{ kdump_ssh_server_outside }}
-@@ -25,8 +30,5 @@
-           type: ssh
-           # This is the ssh dump server address visible from inside
-           # the machine being configured. Dumps are to be copied
-          # there. We make here the assumption that this machine is
-          # being run as a VM and the dump server is the VM host
-          # (i.e. for ansible this is localhost). From the VM its
-          # address is then identical to the default route.
-          location: "{{ kdump_ssh_user }}@{{ ansible_default_ipv4.gateway }}"
-+          # there.
-+          location: "{{ kdump_ssh_user }}@{{ kdump_ssh_server_inside }}"
-diff --git a/vars/main.yml b/vars/main.yml
-new file mode 100644
-index 0000000..34d2d62
--- /dev/null
-+++ b/vars/main.yml
-@@ -0,0 +1,2 @@
-+# determine the managed node facing ssh server address
-+kdump_ssh_server_location: "{{ kdump_target.location | regex_replace('.*@(.*)$', '\\1') if kdump_target.location is defined else kdump_ssh_server }}"
--- a/SOURCES/rhel-system-roles-network-pr121.diff
+++ b/SOURCES/rhel-system-roles-network-pr121.diff
@ -1,62 +0,0 @@
-diff --git a/library/network_connections.py b/library/network_connections.py
-index 39e81e8..6fa5e2f 100644
--- a/library/network_connections.py
-+++ b/library/network_connections.py
-@@ -1369,6 +1369,13 @@ class NMUtil:
-             finally:
-                 ac.handler_disconnect(ac_id)
- 
-+    def reapply(self, device, connection=None):
-+        version_id = 0
-+        flags = 0
-+        return Util.call_async_method(
-+            device, "reapply", [connection, version_id, flags]
-+        )
-+
- 
- ###############################################################################
- 
-@@ -2088,6 +2095,9 @@ class Cmd_nm(Cmd):
-         )
-         self.connections_data_set_changed(idx)
-         if self.check_mode == CheckMode.REAL_RUN:
-+            if self._try_reapply(idx, con):
-+                return
-+
-             try:
-                 ac = self.nmutil.connection_activate(con)
-             except MyError as e:
-@@ -2102,6 +2112,33 @@ class Cmd_nm(Cmd):
-             except MyError as e:
-                 self.log_error(idx, "up connection failed while waiting: %s" % (e))
- 
-+    def _try_reapply(self, idx, con):
-+        """ Try to reapply a connection
-+
-+        If there is exactly one active connection with the same UUID activated
-+        on exactly one device, ask the device to reapply the connection.
-+
-+        :returns: `True`, when the connection was reapplied, `False` otherwise
-+        :rtype: bool
-+        """
-+        NM = Util.NM()
-+
-+        acons = list(self.nmutil.active_connection_list(connections=[con]))
-+        if len(acons) != 1:
-+            return False
-+
-+        active_connection = acons[0]
-+        if active_connection.get_state() == NM.ActiveConnectionState.ACTIVATED:
-+            devices = active_connection.get_devices()
-+            if len(devices) == 1:
-+                try:
-+                    self.nmutil.reapply(devices[0])
-+                    self.log_info(idx, "connection reapplied")
-+                    return True
-+                except MyError as error:
-+                    self.log_info(idx, "connection reapply failed: %s" % (error))
-+        return False
-+
-     def run_action_down(self, idx):
-         connection = self.connections[idx]
- 
--- a/SOURCES/rhel-system-roles-network-prefix.diff
+++ b/SOURCES/rhel-system-roles-network-prefix.diff
@ -1,83 +0,0 @@
-diff --git a/examples/bond-with-vlan.yml b/examples/bond-with-vlan.yml
-index 2e6be23..3b7a6dc 100644
--- a/examples/bond-with-vlan.yml
-+++ b/examples/bond-with-vlan.yml
-@@ -35,4 +35,4 @@
-             - "192.0.2.{{ network_iphost }}/24"
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/bridge-with-vlan.yml b/examples/bridge-with-vlan.yml
-index 037ff8e..83c586d 100644
--- a/examples/bridge-with-vlan.yml
-+++ b/examples/bridge-with-vlan.yml
-@@ -33,4 +33,4 @@
-             - "192.0.2.{{ network_iphost }}/24"
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/eth-simple-auto.yml b/examples/eth-simple-auto.yml
-index 0ba168a..e4c4a54 100644
--- a/examples/eth-simple-auto.yml
-+++ b/examples/eth-simple-auto.yml
-@@ -15,4 +15,4 @@
-         mtu: 1450
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/eth-with-vlan.yml b/examples/eth-with-vlan.yml
--- a/examples/eth-with-vlan.yml	2018-08-21 20:47:38.000000000 +0200
-+++ b/examples/eth-with-vlan.yml	2018-11-06 22:29:14.591770335 +0100
-@@ -26,4 +26,4 @@
-             - "192.0.2.{{ network_iphost }}/24"
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/infiniband.yml b/examples/infiniband.yml
--- a/examples/infiniband.yml	2018-08-21 20:47:38.000000000 +0200
-+++ b/examples/infiniband.yml	2018-11-06 22:29:14.591770335 +0100
-@@ -23,4 +23,4 @@
-             - 198.51.100.133/30
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/macvlan.yml b/examples/macvlan.yml
--- a/examples/macvlan.yml
-+++ b/examples/macvlan.yml
-@@ -26,4 +26,4 @@
-             - 192.168.1.1/24
- 
-   roles:
-    - linux-system-roles.network
-+    - rhel-system-roles.network
-diff --git a/examples/ethtool-features-default.yml b/examples/ethtool-features-default.yml
-index 78965e6..3cdd731 100644
--- a/examples/ethtool-features-default.yml
-+++ b/examples/ethtool-features-default.yml
-@@ -3,7 +3,7 @@
- - hosts: all
-   tasks:
-     - include_role:
-        name: linux-system-roles.network
-+        name: rhel-system-roles.network
-       vars:
-         network_connections:
-           - name: "{{ network_interface_name1 }}"
-diff --git a/examples/ethtool-features.yml b/examples/ethtool-features.yml
-index d8842c2..b32ad0b 100644
--- a/examples/ethtool-features.yml
-+++ b/examples/ethtool-features.yml
-@@ -3,7 +3,7 @@
- - hosts: all
-   tasks:
-     - include_role:
-        name: linux-system-roles.network
-+        name: rhel-system-roles.network
-       vars:
-         network_connections:
-           - name: "{{ network_interface_name1 }}"
--- a/SOURCES/rhel-system-roles-postfix-pr5.diff
+++ b/SOURCES/rhel-system-roles-postfix-pr5.diff
@ -1,40 +0,0 @@
-diff --git a/README.md b/README.md
-index 5950215..df64284 100644
--- a/README.md
-+++ b/README.md
-@@ -17,7 +17,7 @@ Example Playbook
- 
- Install and enable postfix. Configure "relay_domains=$mydestination" and
- 
-```
-+```yaml
- ---
- - hosts: all
-   vars:
-@@ -31,7 +31,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and
- Install and enable postfix. Do not run 'postfix check' before restarting
- postfix:
- 
-```
-+```yaml
- ---
- - hosts: all
-   vars:
-@@ -43,7 +43,7 @@ postfix:
- Install and enable postfix. Do single backup of main.cf (older backup will be
- rewritten) and configure "relay_host=example.com":
- 
-```
-+```yaml
- ---
- - hosts: all
-   vars:
-@@ -58,7 +58,7 @@ Install and enable postfix. Do timestamped backup of main.cf and
- configure "relay_host=example.com" (if postfix_backup_multiple is
- set to true postfix_backup is ignored):
- 
-```
-+```yaml
- ---
- - hosts: all
-   vars:
--- a/SOURCES/rhel-system-roles-postfix-prefix.diff
+++ b/SOURCES/rhel-system-roles-postfix-prefix.diff
@ -1,40 +0,0 @@
-diff --git a/README.md b/README.md
-index 5950215..a59d72f 100644
--- a/README.md
-+++ b/README.md
-@@ -25,7 +25,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and
-       relay_domains: "$mydestination"
-       relay_host: "example.com"
-   roles:
-    - postfix
-+    - linux-system-roles.postfix
- ```
- 
- Install and enable postfix. Do not run 'postfix check' before restarting
-@@ -37,7 +37,7 @@ postfix:
-   vars:
-     postfix_check: false
-   roles:
-    - postfix
-+    - linux-system-roles.postfix
- ```
- 
- Install and enable postfix. Do single backup of main.cf (older backup will be
-@@ -51,7 +51,7 @@ rewritten) and configure "relay_host=example.com":
-       relay_host: "example.com"
-     postfix_backup: true
-   roles:
-    - postfix
-+    - linux-system-roles.postfix
- ```
- 
- Install and enable postfix. Do timestamped backup of main.cf and
-@@ -66,7 +66,7 @@ set to true postfix_backup is ignored):
-       relay_host: "example.com"
-     postfix_backup_multiple: true
-   roles:
-    - postfix
-+    - linux-system-roles.postfix
- ```
- 
- 
--- a/SOURCES/rhel-system-roles-selinux-prefix.diff
+++ b/SOURCES/rhel-system-roles-selinux-prefix.diff
@ -1,32 +0,0 @@
-diff --git a/README.md b/README.md
-index a0385b0..6efc62d 100644
--- a/README.md
-+++ b/README.md
-@@ -42,7 +42,7 @@ This role can be configured using variab
- vars:
-   [ see below ]
- roles:
-  - role: linux-system-roles.selinux
-+  - role: rhel-system-roles.selinux
-     become: true
- ```
- 
-diff --git a/selinux-playbook.yml b/selinux-playbook.yml
-index 78d3953..b2348d5 100644
--- a/selinux-playbook.yml
-+++ b/selinux-playbook.yml
-@@ -31,7 +31,7 @@
-     - name: execute the role and catch errors
-       block:
-         - include_role:
-            name: linux-system-roles.selinux
-+            name: rhel-system-roles.selinux
-       rescue:
-         # Fail if failed for a different reason than selinux_reboot_required.
-         - name: handle errors
-@@ -52,4 +52,4 @@
- 
-         - name: reapply the role
-           include_role:
-            name: linux-system-roles.selinux
-+            name: rhel-system-roles.selinux
--- a/SOURCES/rhel-system-roles-storage-prefix.diff
+++ b/SOURCES/rhel-system-roles-storage-prefix.diff
@ -1,13 +0,0 @@
-diff --git a/README.md b/README.md
-index c2debc9..d9e40b3 100644
--- a/README.md
-+++ b/README.md
-@@ -81,7 +81,7 @@ Example Playbook
- - hosts: all
- 
-   roles:
-    - name: linux-system-roles.storage
-+    - name: rhel-system-roles.storage
-       storage_pools:
-         - name: app
-           disks:
--- a/SOURCES/rhel-system-roles-timesync-prefix.diff
+++ b/SOURCES/rhel-system-roles-timesync-prefix.diff
@ -1,46 +0,0 @@
-diff -up timesync-1.0.0/README.md.orig timesync-1.0.0/README.md
--- timesync-1.0.0/README.md.orig	2018-08-21 11:46:41.000000000 +0200
-+++ timesync-1.0.0/README.md	2018-11-06 22:29:14.586770442 +0100
-@@ -82,7 +82,7 @@ Install and configure ntp to synchronize
-       - hostname: baz.example.com
-         iburst: yes
-   roles:
-    - linux-system-roles.timesync
-+    - rhel-system-roles.timesync
- ```
- 
- Install and configure linuxptp to synchronize the system clock with a
-@@ -95,7 +95,7 @@ grandmaster in PTP domain number 0, whic
-       - number: 0
-         interfaces: [ eth0 ]
-   roles:
-    - linux-system-roles.timesync
-+    - rhel-system-roles.timesync
- ```
- 
- Install and configure chrony and linuxptp to synchronize the system clock with
-@@ -122,5 +122,5 @@ synchronization:
-         transport: UDPv4
-         delay: 0.000010
-   roles:
-    - linux-system-roles.timesync
-+    - rhel-system-roles.timesync
- ```
-diff -up timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml.orig timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml
--- timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml.orig	2019-06-03 18:03:18.081868584 +0200
-+++ timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/multiple-ntp-servers.yml	2019-06-03 18:03:26.718704991 +0200
-@@ -11,4 +11,4 @@
-       - hostname: 3.pool.ntp.org
-         iburst: yes
-   roles:
-    - linux-system-roles.timesync
-+    - rhel-system-roles.timesync
-diff -up timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml.orig timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml
--- timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml.orig	2019-06-03 16:36:40.000000000 +0200
-+++ timesync-85b90feedee2a5b3148fd3f72b229b44ec597682/examples/single-pool.yml	2019-06-03 18:03:36.721515519 +0200
-@@ -6,4 +6,4 @@
-         pool: yes
-         iburst: yes
-   roles:
-    - linux-system-roles.timesync
-+    - rhel-system-roles.timesync
--- a/SOURCES/selinux-tier1-tags.diff
+++ b/SOURCES/selinux-tier1-tags.diff
@ -1,176 +0,0 @@
-diff --git a/tests/set_selinux_variables.yml b/tests/set_selinux_variables.yml
-index f294101..7571066 100644
--- a/tests/set_selinux_variables.yml
-+++ b/tests/set_selinux_variables.yml
-@@ -1,4 +1,12 @@
- ---
-+- name: Install SELinux tool semanage on Fedora
-+  package:
-+    name:
-+      - policycoreutils-python-utils
-+    state: present
-+  when: ansible_distribution == "Fedora" or
-+    ( ansible_distribution_major_version > "7" and
-+      ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" ))
- - name: Get local modifications - boolean
-   command: /usr/sbin/semanage boolean -l -n -C
-   register: selinux_role_boolean
-diff --git a/tests/tests_boolean.yml b/tests/tests_boolean.yml
-index 47eafc0..ca85922 100644
--- a/tests/tests_boolean.yml
-+++ b/tests/tests_boolean.yml
-@@ -1,5 +1,6 @@
- 
- - name: Check if selinux role sets SELinux booleans
-+  tags: [ 'tests::tier1', 'tests::expfail' ]
-   hosts: all
-   become: true
- 
-@@ -12,7 +13,7 @@
-         selinux_booleans:
-           - { name: 'samba_enable_home_dirs', state: 'on', persistent: 'yes' }
- 
-    - include: set_selinux_variables.yml
-+    - import_tasks: set_selinux_variables.yml
-     - name: save state after initial changes and before other changes
-       set_fact:
-         boolean_before: "{{ selinux_role_boolean.stdout_lines }}"
-diff --git a/tests/tests_default.yml b/tests/tests_default.yml
-index a837c73..25bf39d 100644
--- a/tests/tests_default.yml
-+++ b/tests/tests_default.yml
-@@ -1,5 +1,6 @@
- 
- - name: Ensure that the role runs with default parameters
-+  tags: tests::tier1
-   hosts: all
- 
-   roles:
-diff --git a/tests/tests_default_vars.yml b/tests/tests_default_vars.yml
-index b6a6b5a..7cd321d 100644
--- a/tests/tests_default_vars.yml
-+++ b/tests/tests_default_vars.yml
-@@ -1,4 +1,5 @@
- - name: Ensure that the role declares all paremeters in defaults
-+  tags: tests::tier1
-   hosts: all
- 
-   roles:
-diff --git a/tests/tests_fcontext.yml b/tests/tests_fcontext.yml
-index 0a411fb..f4a3923 100644
--- a/tests/tests_fcontext.yml
-+++ b/tests/tests_fcontext.yml
-@@ -1,5 +1,6 @@
- 
- - name: Check if selinux role sets SELinux fcontext mappings
-+  tags: tests::tier1
-   hosts: all
-   become: true
- 
-@@ -13,7 +14,7 @@
-         selinux_fcontexts:
-           - { target: '/tmp/test_dir1(/.*)?', setype: 'user_home_dir_t', ftype: 'd' }
- 
-    - include: set_selinux_variables.yml
-+    - import_tasks: set_selinux_variables.yml
-     - name: save state after initial changes and before other changes
-       set_fact:
-         fcontext_before: "{{ selinux_role_fcontext.stdout }}"
-diff --git a/tests/tests_login.yml b/tests/tests_login.yml
-index efa826d..e4f55ca 100644
--- a/tests/tests_login.yml
-+++ b/tests/tests_login.yml
-@@ -1,5 +1,6 @@
- 
- - name: Check if selinux role sets SELinux login mappings
-+  tags: tests::tier1
-   hosts: all
-   become: true
- 
-@@ -18,7 +19,7 @@
-           - { login: 'sar-user', seuser: 'staff_u', serange: 's0-s0:c0.c1023', state: 'present' }
- 
- 
-    - include: set_selinux_variables.yml
-+    - import_tasks: set_selinux_variables.yml
-     - name: save state after initial changes and before other changes
-       set_fact:
-         login_before: "{{ selinux_role_login.stdout }}"
-diff --git a/tests/tests_port.yml b/tests/tests_port.yml
-index 446f79d..03276b5 100644
--- a/tests/tests_port.yml
-+++ b/tests/tests_port.yml
-@@ -1,5 +1,6 @@
- 
- - name: Check if selinux role sets SELinux port mapping
-+  tags: tests::tier1
-   hosts: all
-   become: true
- 
-@@ -29,7 +30,7 @@
-         selinux_ports:
-           - { ports: '22022', proto: 'tcp', setype: 'ssh_port_t', state: 'present' }
- 
-    - include: set_selinux_variables.yml
-+    - import_tasks: set_selinux_variables.yml
-     - name: save state after other changes
-       set_fact:
-         port_after: "{{ selinux_role_port.stdout }}"
-diff --git a/tests/tests_selinux_disabled.yml b/tests/tests_selinux_disabled.yml
-index afd23e4..d30de2b 100644
--- a/tests/tests_selinux_disabled.yml
-+++ b/tests/tests_selinux_disabled.yml
-@@ -18,7 +19,9 @@
-         name:
-           - policycoreutils-python-utils
-         state: present
-      when: ansible_distribution == "Fedora"
-+      when: ansible_distribution == "Fedora" or
-+        ( ansible_distribution_major_version > "7" and
-+          ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" ))
- 
-     - name: Add a Linux System Roles SELinux User
-       user:
-@@ -67,17 +71,28 @@
-       assert:
-         that: "{{ ansible_selinux.config_mode == 'enforcing' }}"
-         msg: "SELinux config mode should be enforcing instead of {{ ansible_selinux.config_mode }}"
-    - name: Restore original /etc/selinux/config
-      copy:
-        remote_src: true
-        dest: /etc/selinux/config
-        src: /etc/selinux/config.test_selinux_disabled
-    - name: Remove /etc/selinux/config backup
-      file:
-        path: /etc/selinux/config.test_selinux_disabled
-        state: absent
-    - name: Remove Linux System Roles SELinux User
-      user:
-        name: sar-user
-        remove: yes
-        state: absent
-+
-+    - name: Cleanup
-+      tags: [ 'tests::cleanup' ]
-+      block:
-+        - name: Restore original /etc/selinux/config
-+          copy:
-+            remote_src: true
-+            dest: /etc/selinux/config
-+            src: /etc/selinux/config.test_selinux_disabled
-+
-+        - name: Remove /etc/selinux/config backup
-+          file:
-+            path: /etc/selinux/config.test_selinux_disabled
-+            state: absent
-+
-+        - name: Remove Linux System Roles SELinux User
-+          user:
-+            name: sar-user
-+            remove: yes
-+            state: absent
-+
-+        - import_role:
-+            name: selinux
-+          vars:
-+            selinux_all_purge: true
--- a/SOURCES/storage-safemode.diff
+++ b/SOURCES/storage-safemode.diff
--- a/SOURCES/timesync-tier1-tags.diff
+++ b/SOURCES/timesync-tier1-tags.diff
@ -1,404 +0,0 @@
-diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml
-new file mode 100644
-index 0000000..4fe5d36
--- /dev/null
-+++ b/tests/get_services_state.yml
-@@ -0,0 +1,4 @@
-+- name: Get initial state of services
-+  tags: tests::cleanup
-+  service_facts:
-+  register: initial_state
-diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml
-new file mode 100644
-index 0000000..3d48975
--- /dev/null
-+++ b/tests/restore_services_state.yml
-@@ -0,0 +1,19 @@
-+- name: Get final state of services
-+  tags: tests::cleanup
-+  service_facts:
-+  register: final_state
-+
-+- name: Restore state of services
-+  tags: tests::cleanup
-+  service:
-+    name: "{{ item }}"
-+    state: "{{ 'started' if initial_state.ansible_facts.services[item + '.service']['state'] == 'running' else 'stopped' }}"
-+  when:
-+     - item + '.service' in final_state.ansible_facts.services
-+     - item + '.service' in initial_state.ansible_facts.services
-+  with_items:
-+    - chronyd
-+    - ntpd
-+    - ptp4l
-+    - phc2sys
-+    - timemaster
-diff --git a/tests/tests_default.yml b/tests/tests_default.yml
-index 856ebe5..fb298c9 100644
--- a/tests/tests_default.yml
-+++ b/tests/tests_default.yml
-@@ -1,6 +1,17 @@
- 
- - name: Ensure that the role runs with default parameters
-+  tags: tests::tier1
-   hosts: all
- 
-   roles:
-     - linux-system-roles.timesync
-+
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_default_vars.yml b/tests/tests_default_vars.yml
-index 366a9f5..df989a5 100644
--- a/tests/tests_default_vars.yml
-+++ b/tests/tests_default_vars.yml
-@@ -1,5 +1,6 @@
- ---
- - name: Ensure that the role declares all parameters in defaults
-+  tags: tests::tier1
-   hosts: all
- 
-   tasks:
-diff --git a/tests/tests_default_wrapper.yml b/tests/tests_default_wrapper.yml
-index a768f4c..b0c0ab3 100644
--- a/tests/tests_default_wrapper.yml
-+++ b/tests/tests_default_wrapper.yml
-@@ -1,5 +1,8 @@
- ---
- - name: Create static inventory from hostvars
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   hosts: all
-   tasks:
-     - name: create temporary file
-@@ -17,9 +20,15 @@
- 
- 
- - name: Run tests_default.yml normally
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   import_playbook: tests_default.yml
- 
- - name: Run tests_default.yml in check_mode
-+  tags:
-+    - 'tests::tier1'
-+    - 'tests::slow'
-   hosts: all
-   tasks:
-     - name: Run ansible-playbook with tests_default.yml in check mode
-diff --git a/tests/tests_ntp.yml b/tests/tests_ntp.yml
-index e4b1b5e..446f1dc 100644
--- a/tests/tests_ntp.yml
-+++ b/tests/tests_ntp.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure time synchronization with NTP servers
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -18,6 +19,11 @@
-   roles:
-     - linux-system-roles.timesync
- 
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-   tasks:
-     - meta: flush_handlers
- 
-@@ -35,3 +41,8 @@
-           - "'172.16.123.1' in sources.stdout"
-           - "'172.16.123.2' in sources.stdout"
-           - "'172.16.123.3' in sources.stdout"
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider1.yml b/tests/tests_ntp_provider1.yml
-index 08ecab9..9fe0db3 100644
--- a/tests/tests_ntp_provider1.yml
-+++ b/tests/tests_ntp_provider1.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure NTP with default provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -8,6 +9,10 @@
-     - linux-system-roles.timesync
- 
-   pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-     - name: Remove NTP providers
-       package: name={{ item }} state=absent
-       with_items:
-@@ -27,3 +32,7 @@
-       assert:
-         that:
-           - "'172.16.123.1' in sources.stdout"
-+
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider2.yml b/tests/tests_ntp_provider2.yml
-index 5476ae4..e0d5c96 100644
--- a/tests/tests_ntp_provider2.yml
-+++ b/tests/tests_ntp_provider2.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure NTP with chrony as current provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -8,6 +9,10 @@
-     - linux-system-roles.timesync
- 
-   pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-     - name: Remove ntp
-       package: name=ntp state=absent
- 
-@@ -29,3 +34,7 @@
- 
-     - name: Check chronyd service
-       shell: chronyc -n tracking
-+
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider3.yml b/tests/tests_ntp_provider3.yml
-index 44ca101..d440a64 100644
--- a/tests/tests_ntp_provider3.yml
-+++ b/tests/tests_ntp_provider3.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure NTP with ntp as current provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -8,6 +9,10 @@
-     - linux-system-roles.timesync
- 
-   pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-     - name: Remove chrony
-       package: name=chrony state=absent
- 
-@@ -29,3 +34,7 @@
- 
-     - name: Check ntpd service
-       shell: ntpq -c rv | grep 'associd=0'
-+
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider4.yml b/tests/tests_ntp_provider4.yml
-index 8b452b8..8bccba0 100644
--- a/tests/tests_ntp_provider4.yml
-+++ b/tests/tests_ntp_provider4.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure NTP with chrony as specified provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -9,6 +10,10 @@
-     - linux-system-roles.timesync
- 
-   pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-     - name: Install chrony
-       package: name=chrony state=present
-       register: package_install
-@@ -27,3 +32,7 @@
- 
-     - name: Check chronyd service
-       shell: chronyc -n tracking
-+
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider5.yml b/tests/tests_ntp_provider5.yml
-index 1740164..98a054f 100644
--- a/tests/tests_ntp_provider5.yml
-+++ b/tests/tests_ntp_provider5.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure NTP with ntp as specified provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -9,6 +10,10 @@
-     - linux-system-roles.timesync
- 
-   pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-     - name: Install ntp
-       package: name=ntp state=present
-       register: package_install
-@@ -27,3 +32,7 @@
- 
-     - name: Check ntpd service
-       shell: ntpq -c rv | grep 'associd=0'
-+
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_provider6.yml b/tests/tests_ntp_provider6.yml
-index 21a2039..fb41824 100644
--- a/tests/tests_ntp_provider6.yml
-+++ b/tests/tests_ntp_provider6.yml
-@@ -1,11 +1,16 @@
- 
- - name: Configure NTP with OS release non-default provider and then change it to the default provider
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     is_ntp_default: "ansible_distribution in ['RedHat', 'CentOS'] and ansible_distribution_version is version('7.0', '<')"
-     both_avail: true
- 
-   tasks:
-+  - name: Import tasks
-+    tags: tests::tier1::cleanup
-+    import_tasks: get_services_state.yml
-+
-   - name: Check for availability of both NTP providers
-     package: name={{ item }} state=present
-     register: package_install
-@@ -71,3 +76,7 @@
-     shell: chronyc -n tracking
-     when:
-       - not is_ntp_default
-+
-+  - name: Import tasks
-+    tags: tests::tier1::cleanup
-+    import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ntp_ptp.yml b/tests/tests_ntp_ptp.yml
-index cab706f..7f4cdfc 100644
--- a/tests/tests_ntp_ptp.yml
-+++ b/tests/tests_ntp_ptp.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure time synchronization with NTP servers and PTP domains
-+  tags: tests::tier1
-   hosts: all
-   vars:
-     timesync_ntp_servers:
-@@ -22,6 +23,11 @@
-   roles:
-     - linux-system-roles.timesync
- 
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-   tasks:
-     - meta: flush_handlers
- 
-@@ -48,3 +54,8 @@
-               - "'PTP1' in sources.stdout"
- 
-       when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout"
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ptp_multi.yml b/tests/tests_ptp_multi.yml
-index d52d439..936e467 100644
--- a/tests/tests_ptp_multi.yml
-+++ b/tests/tests_ptp_multi.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure time synchronization with multiple PTP domains
-+  tags: [ 'tests::tier1', 'tests::expfail' ]
-   hosts: all
-   vars:
-     timesync_ptp_domains:
-@@ -16,6 +17,11 @@
-   roles:
-     - linux-system-roles.timesync
- 
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-   tasks:
-     - meta: flush_handlers
- 
-@@ -58,3 +64,8 @@
-               - "'domainNumber 1' in pmc.stdout"
- 
-       when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout"
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
-diff --git a/tests/tests_ptp_single.yml b/tests/tests_ptp_single.yml
-index 74da310..36d141e 100644
--- a/tests/tests_ptp_single.yml
-+++ b/tests/tests_ptp_single.yml
-@@ -1,5 +1,6 @@
- 
- - name: Configure time synchronization with single PTP domain
-+  tags: [ 'tests::tier1', 'tests::expfail' ]
-   hosts: all
-   vars:
-     timesync_ptp_domains:
-@@ -8,6 +9,11 @@
-   roles:
-     - linux-system-roles.timesync
- 
-+  pre_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: get_services_state.yml
-+
-   tasks:
-     - meta: flush_handlers
- 
-@@ -31,3 +37,8 @@
-               - "'domainNumber 3' in pmc.stdout"
- 
-       when: "'SOF_TIMESTAMPING_TX_' in ethtool.stdout"
-+
-+  post_tasks:
-+    - name: Import tasks
-+      tags: tests::tier1::cleanup
-+      import_tasks: restore_services_state.yml
--- a/SOURCES/vendoring-build.inc
+++ b/SOURCES/vendoring-build.inc
@ -0,0 +1,102 @@
+# maps the source file to the roles that use that file
+# value can be string or space delimited list of strings
+# role name `__collection` means - do not vendor into
+# role, just vendor directly into the collection
+declare -A plugin_map=(
+  [ansible/posix/plugins/modules/selinux.py]=selinux
+  [ansible/posix/plugins/modules/seboolean.py]=selinux
+  [ansible/posix/plugins/modules/mount.py]=storage
+  [ansible/posix/plugins/modules/rhel_facts.py]=__collection
+  [ansible/posix/plugins/modules/rhel_rpm_ostree.py]=__collection
+  [ansible/posix/plugins/module_utils/mount.py]=storage
+  [community/general/plugins/modules/ini_file.py]="tlog ad_integration"
+  [community/general/plugins/modules/modprobe.py]=ha_cluster
+  [community/general/plugins/modules/redhat_subscription.py]=rhc
+  [community/general/plugins/modules/rhsm_release.py]=rhc
+  [community/general/plugins/modules/rhsm_repository.py]=rhc
+  [community/general/plugins/modules/seport.py]=selinux
+  [community/general/plugins/modules/sefcontext.py]=selinux
+  [community/general/plugins/modules/selogin.py]=selinux
+  [containers/podman/plugins/modules/podman_container_info.py]=podman
+  [containers/podman/plugins/modules/podman_image.py]=podman
+  [containers/podman/plugins/modules/podman_play.py]=podman
+  [containers/podman/plugins/modules/podman_secret.py]=podman
+  [containers/podman/plugins/module_utils/podman/common.py]=podman
+)
+
+declare -a modules mod_utils collection_plugins
+declare -A dests
+# vendor in plugin files - fix documentation, fragments
+for src in "${!plugin_map[@]}"; do
+  roles="${plugin_map["$src"]}"
+  if [ "$roles" = __collection ]; then
+    collection_plugins+=("$src")
+  else
+    case "$src" in
+    */plugins/modules/*) srcdir=plugins/modules; subdir=library; modules+=("$src") ;;
+    */plugins/module_utils/*) srcdir=plugins/module_utils; mod_utils+=("$src") ;;
+    */plugins/action/*) srcdir=plugins/action ;;
+    esac
+  fi
+  for role in $roles; do
+    if [ "$role" = __collection ]; then
+      dest="%{collection_build_path}/plugins${src/#*plugins/}"
+      dests["$dest"]=__collection
+    else
+      case "$src" in
+      */plugins/module_utils/*) subdir="module_utils/${role}_lsr" ;;
+      esac
+      dest="$role/${src/#*${srcdir}/${subdir}}"
+      dests["$dest"]="$role"
+    fi
+    destdir="$(dirname "$dest")"
+    if [ ! -d "$destdir" ]; then
+      mkdir -p "$destdir"
+    fi
+    cp -pL ".external/$src" "$dest"
+    sed -e ':a;N;$!ba;s/description:\n\( *\)/description:\n\1- WARNING: Do not use this plugin directly! It is only for role internal use.\n\1/' \
+      -e '/^extends_documentation_fragment:/,/^[^ -]/{/^extends/d;/^[ -]/d}' \
+      -i "$dest"
+  done
+done
+
+# remove the temporary .external directory after vendoring
+rm -rf .external
+
+# fix python imports to point from the old name to the new name
+for dest in "${!dests[@]}"; do
+  role="${dests["$dest"]}"
+  for module in "${modules[@]}"; do
+    python_name="$(dirname "$module")"
+    python_name="${python_name////[.]}"
+    sed -e "s/ansible_collections[.]${python_name}[.]/ansible.modules./" -i "$dest"
+  done
+  for mod_util in "${mod_utils[@]}"; do
+    # some mod_utils have subdirs, some do not
+    split=(${mod_util//// })
+    python_name="ansible_collections[.]${split[0]}[.]${split[1]}[.]plugins[.]module_utils[.]"
+    sed -e "s/${python_name}/ansible.module_utils.${role}_lsr./" -i "$dest"
+  done
+  for plugin in "${collection_plugins[@]}"; do
+    python_name="$(dirname "$plugin")"
+    dest_python_name="%{collection_namespace}/%{collection_name}/plugins${python_name/#*plugins/}"
+    src_python_name="ansible_collections.${python_name////[.]}"
+    dest_python_name="ansible_collections.${dest_python_name////.}"
+    sed -e "s/${src_python_name}/${dest_python_name}/" -i "$dest"
+  done
+done
+
+# Replacing "linux-system-roles.rolename" with "rhel-system-roles.rolename" in each role
+# Replacing "fedora.linux_system_roles." with "redhat.rhel_system_roles" in each role
+# This is for the "roles calling other roles" case
+# for podman, change the FQCN - using a non-FQCN module name doesn't seem to work,
+# even for the legacy role format
+for rolename in %{rolenames}; do
+    find "$rolename" -type f -exec \
+         sed -e "s/linux-system-roles[.]${rolename}\\>/%{roleinstprefix}${rolename}/g" \
+             -e "s/fedora[.]linux_system_roles[.]/%{collection_namespace}.%{collection_name}./g" \
+             -e "s/containers[.]podman[.]/%{collection_namespace}.%{collection_name}./g" \
+             -e "s/community[.]general[.]/%{collection_namespace}.%{collection_name}./g" \
+             -e "s/ansible[.]posix[.]/%{collection_namespace}.%{collection_name}./g" \
+             -i {} \;
+done
--- a/SOURCES/vendoring-prep.inc
+++ b/SOURCES/vendoring-prep.inc
@ -0,0 +1,12 @@
+# Untar vendored collection tarballs to corresponding directories
+for file in %{SOURCE801} %{SOURCE901} %{SOURCE902}; do
+    if [[ "$(basename $file)" =~ ([^-]+)-([^-]+)-(.+).tar.gz ]]; then
+        ns=${BASH_REMATCH[1]}
+        name=${BASH_REMATCH[2]}
+        ver=${BASH_REMATCH[3]}
+        mkdir -p .external/$ns/$name
+        pushd .external/$ns/$name > /dev/null
+        tar xfz "$file"
+        popd > /dev/null
+    fi
+done
--- a/SPECS/rhel-system-roles.spec
+++ b/SPECS/rhel-system-roles.spec
Author	SHA1	Message	Date
eabdullin	260649931c	Import from AlmaLinux stable repository	2024-05-31 18:06:27 +00:00
Andrew Lukoshko	0afba46f9c	import rhel-system-roles-1.21.2-1.el8_8	2023-06-29 21:00:46 +00:00
CentOS Sources	bfd57292a0	import rhel-system-roles-1.21.1-1.el8_8	2023-05-16 07:10:25 +00:00
CentOS Sources	c20a826a95	import rhel-system-roles-1.20.1-1.el8	2022-11-08 10:46:03 +00:00
CentOS Sources	ac44374ec7	import rhel-system-roles-1.16.2-1.el8_6.3	2022-08-03 02:50:08 +00:00
CentOS Sources	b6c97cffc2	import rhel-system-roles-1.16.2-1.el8_6.2	2022-05-10 15:01:59 +00:00
CentOS Sources	38f74bfed4	import rhel-system-roles-1.16.2-1.el8	2022-05-10 07:59:45 +00:00
CentOS Sources	7c20edc1b1	import rhel-system-roles-1.7.3-2.el8	2021-12-07 17:47:02 +00:00
CentOS Sources	9846ca6957	import rhel-system-roles-1.0.1-1.el8	2021-09-10 03:54:31 +00:00
CentOS Sources	39fa5bdecd	import rhel-system-roles-1.0-21.el8	2021-09-10 03:54:28 +00:00
CentOS Sources	287e02c51d	import rhel-system-roles-1.0-20.el8	2021-09-10 03:54:25 +00:00