sysctl - Reload also when current system values differ (#56153)

Previously if `sysctl_set=no` (which is the default) this module only checked for changes in the sysctl.conf file to decide whether it should reload it or not. This means that if the values in the conf file are the same as they are set with the module, but the current values on the system are different, that this module wouldn't apply the changes on the system and thus the value set with the module wouldn't be applied on the OS. This isn't obvious and it doesn't make sense that the module works like that by default, especially because there is a separate option `reload`. Now sysctl will also check if the current value differs on the system and if it does, it will reload the file again. (cherry picked from commit 5fc769f6b1)
2019-07-24 16:04:15 +02:00 · 2019-07-24 16:04:15 +02:00 · 6b4f153459
commit 6b4f153459
parent e97ceafa82
3 changed files with 249 additions and 159 deletions
--- a/changelogs/fragments/sysctl-check-file-and-system.yaml
+++ b/changelogs/fragments/sysctl-check-file-and-system.yaml
@ -0,0 +1,2 @@
+bugfixes:
+  - sysctl - check system values, not just sysctl.conf file, when determing state (https://github.com/ansible/ansible/pull/56153#issuecomment-514384922)
--- a/lib/ansible/modules/system/sysctl.py
+++ b/lib/ansible/modules/system/sysctl.py
@ -169,9 +169,16 @@ class SysctlModule(object):
        elif self.file_values[thisname] != self.args['value']:
            self.changed = True
            self.write_file = True
+        # with reload=yes we should check if the current system values are
+        # correct, so that we know if we should reload
+        elif self.args['reload']:
+            if self.proc_value is None:
+                self.changed = True
+            elif not self._values_is_equal(self.proc_value, self.args['value']):
+                self.changed = True

        # use the sysctl command or not?
-        if self.args['sysctl_set']:
+        if self.args['sysctl_set'] and self.args['state'] == "present":
            if self.proc_value is None:
                self.changed = True
            elif not self._values_is_equal(self.proc_value, self.args['value']):
@ -182,7 +189,7 @@ class SysctlModule(object):
        if not self.module.check_mode:
            if self.write_file:
                self.write_sysctl()
-            if self.write_file and self.args['reload']:
+            if self.changed and self.args['reload']:
                self.reload_sysctl()
            if self.set_proc:
                self.set_token_value(self.args['name'], self.args['value'])
--- a/test/integration/targets/sysctl/tasks/main.yml
+++ b/test/integration/targets/sysctl/tasks/main.yml
@ -20,6 +20,10 @@
 # apply sysctl, or it will always fail, because of that in most cases (except
 # those when it should fail) we have to use `reload=no`.

+- name: Test inside Docker
+  when:
+    - ansible_facts.virtualization_type == 'docker'
+  block:
    - set_fact:
        output_dir_test: "{{ output_dir }}/test_sysctl"

@ -208,3 +212,80 @@
      assert:
        that:
          - sysctl_test4 is failed
+
+
+- name: Test on RHEL VMs
+  when:
+    - ansible_facts.virtualization_type != 'docker'
+    - ansible_facts.distribution == 'RedHat'
+  block:
+    # Test reload: yes
+    - name: Set sysctl property using module
+      sysctl:
+        name: vm.swappiness
+        value: '22'
+        state: present
+        reload: yes
+      register: sysctl_set1
+
+    - name: Change sysctl property using command
+      command: sysctl vm.swappiness=33
+
+    - name: Set sysctl property using module
+      sysctl:
+        name: vm.swappiness
+        value: '22'
+        state: present
+        reload: yes
+      register: sysctl_set2
+
+    - name: Read /etc/sysctl.conf
+      command: 'egrep -v ^# /etc/sysctl.conf'
+      register: sysctl_conf_content
+
+    - name: Get current value of vm.swappiness
+      command: sysctl -n vm.swappiness
+      register: sysctl_current_vm_swappiness
+
+    - name: Ensure changes were made appropriately
+      assert:
+        that:
+          - sysctl_set1 is changed
+          - sysctl_set2 is changed
+          - "'vm.swappiness=22' in sysctl_conf_content.stdout_lines"
+          - sysctl_current_vm_swappiness.stdout == '22'
+
+    # Test reload: yes in check mode
+    - name: Set the same value using module in check mode
+      sysctl:
+        name: vm.swappiness
+        value: '22'
+        state: present
+        reload: yes
+      check_mode: yes
+      register: sysctl_check_mode1
+
+    - name: Set a different value using module in check mode
+      sysctl:
+        name: vm.swappiness
+        value: '44'
+        state: present
+        reload: yes
+      check_mode: yes
+      register: sysctl_check_mode2
+
+    - name: Read /etc/sysctl.conf
+      command: 'egrep -v ^# /etc/sysctl.conf'
+      register: sysctl_check_mode_conf_content
+
+    - name: Get current value of vm.swappiness
+      command: sysctl -n vm.swappiness
+      register: sysctl_check_mode_current_vm_swappiness
+
+    - name: Ensure no changes were made in check mode
+      assert:
+        that:
+          - sysctl_check_mode1 is success
+          - sysctl_check_mode2 is changed
+          - "'vm.swappiness=22' in sysctl_check_mode_conf_content.stdout_lines"
+          - sysctl_check_mode_current_vm_swappiness.stdout == '22'