RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2047504 - kernel_settings role should use ansible_managed in its configuration file
Summary: kernel_settings role should use ansible_managed in its configuration file
Alias: None
Deadline: 2022-02-08
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: rhel-system-roles
Version: 8.6
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: 8.6
Assignee: Rich Megginson
QA Contact: David Jež
Jaroslav Klech
Whiteboard: role:kernel_settings
Depends On: 2044640 2054363 2054364 2054365 2054367 2054368 2054369 2057645 2057647 2057651 2057652 2057656 2057657 2057661 2057662 2064690
Blocks: 2047506
TreeView+ depends on / blocked
Reported: 2022-01-27 23:01 UTC by Rich Megginson
Modified: 2022-05-10 14:39 UTC (History)
8 users (show)

Fixed In Version: rhel-system-roles-1.12.0-1.el8
Doc Type: Bug Fix
Doc Text:
.The `/etc/tuned/kernel_settings/tuned.conf` file has a proper `ansible_managed` header Previously, the Kernel settings RHEL System Role had a hard-coded value for the `ansible_managed` header in the `/etc/tuned/kernel_settings/tuned.conf` file. Consequently, users could not provide their custom `ansible_managed` header. In this update, the problem has been fixed so that `kernel_settings` updates the header of `/etc/tuned/kernel_settings/tuned.conf` with user's `ansible_managed` setting. As a result, `/etc/tuned/kernel_settings/tuned.conf` has a proper `ansible_managed` header.
Clone Of: 2044640
: 2047506 (view as bug list)
Last Closed: 2022-05-10 14:12:50 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github linux-system-roles kernel_settings pull 72 0 None Merged make tuned.conf have correct ansible_managed comment 2022-01-27 23:01:45 UTC
Red Hat Issue Tracker RHELPLAN-110122 0 None None None 2022-01-27 23:02:40 UTC
Red Hat Product Errata RHBA-2022:1896 0 None None None 2022-05-10 14:13:03 UTC

Description Rich Megginson 2022-01-27 23:01:45 UTC
+++ This bug was initially created as a clone of Bug #2044640 +++

Description of problem:
RHEL System Roles should consistently use ansible_managed to allow customers to customize the comment shown at the top of configuration files managed by RHEL System Roles.  Some roles do not use ansible_managed, or have hard coded comments.  For example, the kernel_settings role creates /etc/tuned/kernel_settings/tuned.conf with a hard coded comment.  

Version-Release number of selected component (if applicable):

Additional info:
This is likely not limited to the kernel_settings role.  All roles should be evaluated and updated as needed to use ansible_managed.  Any roles updated to use ansible_managed should refer to https://bugzilla.redhat.com/show_bug.cgi?id=2006230 to ensure multi-line ansible_managed comments are supported.

--- Additional comment from Rich Megginson on 2022-01-25 02:46:04 UTC ---

kernel_settings https://github.com/linux-system-roles/kernel_settings/pull/72
postfix - uses the `postconf` command to set configuration - so no template used to generate /etc/postfix/main.cf - we could use the "trick" developed by https://github.com/linux-system-roles/kernel_settings/pull/72/files#diff-3d0ff1709ca48add100327bb2a468e6c508fb92a159c64c4f99ad1df89d9bddeR79 to generate the ansible_managed value, then use something like `lineinfile` to ensure that value is in main.cf
logging - looks good, but need to confirm
vpn - needs ansible_managed
timesync - good
kdump - good
cockpit - good
ssh - good
ha_cluster - need to see if file format supports commenting
tlog - needs comments
certificate - not sure - says it generates scripts but I cannot find how
crypto_policies - good
firewall - good
metrics - needs comments - but this will involve changes to ansible-pcp
mssql - needs comments
nbde_client, nbde_server - uses json format - not sure about comments
network - needs comments
selinux - good
storage - I think /etc/crypttab is not "owned" by the role

in addition - there may be some of the roles that generate config files in a non-standard way (e.g. like postfix with postfix-conf - not using the template module or lookup) that we will have to do some more investigation to find out

For the kernel_settings role, the role should update the ansible_managed header in /etc/tuned/kernel_settings/tuned.conf when ansible_managed has changed

1) run the kernel_settings role with some values
2) create ansible.cfg in the current directory like this:

ansible_managed = my

3) run the kernel_settings role again with the same values
4) verify that /etc/tuned/kernel_settings/tuned.conf has a header like this:

# my
# ansible
# managed
# value

Comment 12 errata-xmlrpc 2022-05-10 14:12:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.