ansible-2.4.1.0-6.1

- Update to 2.4.1.0:
  * CVE-2017-7550: Prevent jenkins_plugin module from exposing
    passwords in remote host logs (bsc#1065872)
  * Various bug fixes and improvements

- Remove radical wording from descriptions.
  Use improved find syntax.

- update to 2.4.0.0 (final)
  Major Changes
  + Support for Python-2.4 and Python-2.5 on the managed system's side
    was dropped. If you need to manage a system that ships with Python-2.4
    or Python-2.5, you'll need to install Python-2.6 or better on the
    managed system or run Ansible-2.3 until you can upgrade the system.
  + New import/include keywords to replace the old bare include directives.
    The use of static: {yes|no} on such includes is now deprecated.
  ++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
  ++ Using include_* (include_tasks, include_role) directives are dynamic.
    This is done to avoid collisions and possible security issues as
    facts come from the remote targets and they might be compromised.
  + New order play level keyword that allows the user to change the
    order in which Ansible processes hosts when dispatching tasks.
  + Users can now set group merge priority for groups of the same depth
    (parent child relationship), using the new ansible_group_priority variable,
    when values are the same or don't exist it will fallback to the previous
    sorting by name'.
  + Inventory has been revamped:
  ++ Inventory classes have been split to allow for better
    management and deduplication
  ++ Logic that each inventory source duplicated is now common and pushed
    up to reconciliation
  ++ VariableManager has been updated for better interaction with inventory
  ++ Updated CLI with helper method to initialize base objects for plays
  ++ New inventory plugins for creating inventory
  ++ Old inventory formats are still supported via plugins
  ++ Inline host_list is also an inventory plugin, an example alternative
    advanced_host_list is also provided (it supports ranges)
  ++ New configuration option to list enabled plugins and precedence
    order: whitelist_inventory in ansible.cfg
  ++ vars_plugins have been reworked, they are now run from Vars manager
    and API has changed (need docs)
  ++ Loading group_vars/host_vars is now a vars plugin and can be overridden
  ++ It is now possible to specify mulitple inventory sources in the
    command line (-i /etc/hosts1 -i /opt/hosts2)
  ++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
    is affected by meta: refresh_inventory
  ++ Group variable precedence is now configurable via new 'precedence'
    option in ansible.cfg (needs docs)
  ++ Improved warnings and error messages across the board
  + Configuration has been changed from a hardcoded listing in the
    constants module to dynamically loaded from yaml definitions
  ++ Also added an ansible-config CLI to allow for listing config options
    and dumping current config (including origin)
  ++ TODO: build upon this to add many features detailed in ansible-config
    proposal https://github.com/ansible/proposals/issues/35
  + Windows modules now support the use of multiple shared module_utils
    files in the form of Powershell modules (.psm1), via
    [#]Requires -Module Ansible.ModuleUtils.Whatever.psm1
  + Python module argument_spec now supports custom validation logic
    by accepting a callable as the type argument.
  + Windows become_method: runas now works across all authtypes and
    will auto-elevate under UAC if WinRM user has "Act as part of the
    operating system" privilege
  - please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
    further changes
- added ansible-inventory and ansible-config binaries and manpages
- package contrib and examples directories in docdir
- package all *md files as documentation for now
- recommend the following new packages for (open)SUSE:
  + python-httplib2
  + python-keyczar
  + python-six
- enable/fix build for RHEL and Fedora by redefining __python2 and
  adding/enhancing the needed (build)requires if needed

- update to 2.3.2.0 (final)
- replaced hard-coded version by var

- update to 2.3.1.0 (final)
- clean up of spec file with spec-cleaner

- update to 2.3.1 RC1 (package version 2.3.0.1) (bsc#1056094):
  * SECURITY (MODERATE): fix for CVE-2017-7481, in which data for
    lookup plugins used as variables was not being correctly marked
    as "unsafe".
  * SECURITY (MODERATE): fix for CVE-2017-7466, which finally fixes
    an arbitrary command execution vulnerability

- update to 2.3.0.0
  for full list of changes see
  /usr/share/doc/packages/ansible/CHANGELOG.md

- update to 2.2.2.0
  This release fixes a few bugs introduced in the previous version,
  as well as another small tweak to catch an additional way in
  which CVE-2016-9587 could be triggered.

- update to 2.2.1.0 (final)

- security update to rc4 of 2.2.1.0 version
  CVE-2016-9587, CVE-2016-8628 and CVE-2016-8614
  for full list of changes see
  /usr/share/doc/packages/ansible/CHANGELOG.md

- update to 2.2.0.0
  (see /usr/share/doc/packages/ansible/CHANGELOG.md for details)

- update to 2.1.2.0
  (see /usr/share/doc/packages/ansible/CHANGELOG.md for details)

- update to 2.1.1.0
  (see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- changed download link to https://releases.ansible.com

- update to 2.1.0.0
  (see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- on SuSE platforms recommend package python-dnspython for
  DNS lookups in playbooks

- update to 2.0.2.0:
  * Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur,
    rather than all at once at the end of the task.
  * Fixed bugs related to the iteration of tasks when certain combinations of roles,
    blocks, and includes were used, especially when handling errors in rescue/always
    portions of blocks.
  * Fixed handling of redirects in our helper code, and ported the uri module to use
    this helper code. This removes the httplib dependency for this module while fixing
    some bugs related to redirects and SSL certs.
  * Fixed some bugs related to the incorrect creation of extra temp directories for
    uploading files, which were not cleaned up properly.
  * Improved error reporting in certain situations, to provide more information such as
    the playbook file/line.
  * Fixed a bug related to the variable precedence of role parameters, especially when
    a role may be used both as a dependency of a role and directly by itself within the
    same play.
  * Fixed some bugs in the 2.0 implementation of do/until.
  * Fixed some bugs related to run_once:
  - Ensure that all hosts are marked as failed if a task marked as run_once fails.
  - Show a warning when using the free strategy when a run_once task is encountered, as
    there is no way for the free strategy to guarantee the task is not run more than once.
  * Fixed a bug where the assemble module was not honoring check mode in some situations.
  * Fixed a bug related to delegate_to, where we were incorrectly using variables from
    the inventory host rather than the delegated-to host.
  * The 'package' meta-module now properly squashes items down to a single execution (as the
    apt/yum/other package modules do).
  * Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from
    the Galaxy server.
  * Pipelining support is now available for the local and jail connection plugins, which is
    useful for users who do not wish to have temp files/directories created when running
    tasks with these connection types.
  * Improvements in support for additional shell types.
  * Improvements in the code which is used to calculate checksums for remote files.
  * Some speed ups and bug fixes related to the variable merging code.
  * Workaround bug in python subprocess on El Capitan that was making vault fail
    when attempting to encrypt a file
  * Fix lxc_container module having predictable temp file names and setting file
    permissions on the temporary file too leniently on a temporary file that was
    executed as a script.  Addresses CVE-2016-3096
  * Fix a bug in the uri module where setting headers via module params that
    start with HEADER_ were causing a traceback.
  * Fix bug in the free strategy that was causing it to synchronize its workers
    after every task (making it a lot more like linear than it should have been).

- update to 2.0.1.0:
  * Fixes a major compatibility break in the synchronize module shipped
    with 2.0.0.x. That version of synchronize ran sudo on the controller
    prior to running rsync. In 1.9.x and previous, sudo was run on the
    host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
  * Additionally, several other problems with where synchronize chose
    to run when combined with delegate_to were fixed. In particular, if
    a playbook targetted localhost and then delegated_to a remote host
    the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
    the src and destination directories on the delegated host. This has
    now been fixed to copy between localhost and the delegated host.
  * Fix a regression where synchronize was unable to deal with unicode paths.
  * Fix a regression where synchronize deals with inventory hosts that
    use localhost but with an alternate port.
  * Fixes a regression where the retry files feature was not implemented.
  * Fixes a regression where the any_errors_fatal option was implemented
    in 2.0 incorrectly, and also adds a feature where any_errors_fatal
    can be set at the block level.
  * Fix tracebacks when playbooks or ansible itself were located in
    directories with unicode characters.
  * Fix bug when sending unicode characters to an external pager
    for display.
  * Fix a bug with squashing loops for special modules (mostly package
    managers). The optimization was squashing when the loop did not
    apply to the selection of packages. This has now been fixed.
  * Temp files created when using vault are now "shredded" using the
    unix shred program which overwrites the file with random data.
  * Some fixes to cloudstack modules for case sensitivity
  * Fix non-newstyle modules (non-python modules and old-style modules)
    to disabled pipelining.
  * Fix fetch module failing even if fail_on_missing is set to False
  * Fix for cornercase when local connections, sudo, and raw were
    used together.
  * Fix dnf module to remove dependent packages when state=absent is
    specified. This was a feature of the 1.9.x version that was left
    out by mistake when the module was rewritten for 2.0.
  * Fix bugs with non-english locales in yum, git, and apt modules
  * Fix a bug with the dnf module where state=latest could only
    upgrade, not install.

- fix_zypper_errorhandling.patch is being deleted

- update to 2.0.0.2
  Version 2.0 is a new major version with a lot of changes, among which:
  + New modules for cloud-based services and many more
  + The new block/rescue/always directives allow for making task blocks and exception-like semantics
  + Many API changes
- more info at:
  https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away

- build again on SLE-11-SP4 by ignoring some dependencies that are
  not available in the official OBS repository: python-paramiko,
  python-Jinja2, python-PyYAML, python-pycrypto

- update to 1.9.4
  This release addresses several bugs, most notably those related to
  the yum module (introduced in 1.9.3):
  + Fixes a bug where yum state=latest would error if there were no
    updates to install.
  + Fixes a bug where yum state=latest did not work with wildcard
    package names.
  + Fixes a bug in lineinfile relating to escape sequences.
  + Fixes a bug where vars_prompt was not keeping passwords private
    by default.
  + Fix ansible-galaxy and the hipchat callback plugin to check that
    the host it is contacting matches its TLS Certificate.

- Added fix_zypper_errorhandling.patch as it`s have not been accepted
  upstream, in lack of an reviewer. See patch for more comments

- update to 1.9.3:
  - Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted
    messages coming out as empty strings.
  - AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128.
  - Fix url fetching for SNI with python-2.7.9 or greater.  SNI does not work
    with python < 2.7.9.  The best workaround is probably to use the command
    module with curl or wget.
  - Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library
    supports those protocols
  - Fix ec2_ami_search module to check TLS Certificates
  - Fix the following extras modules to check TLS Certificates:
  - campfire
  - layman
  - librarto_annotate
  - twilio
  - typetalk
  - Fix docker module's parsing of docker-py version for dev checkouts
  - Fix docker module to work with docker server api 1.19
  - Change yum module's state=latest feature to update all packages specified in
    a single transaction.  This is the same type of fix as was made for yum's
    state=installed in 1.9.2 and both solves the same problems and with the same caveats.
  - Fixed a bug where stdout from a module might be blank when there were were non-printable
    ASCII characters contained within it

- update to 1.9.2:
  - Security fixes to check that hostnames match certificates with
    https urls (CVE-2015-3908; bnc #938161):
    + get_url and uri modules
    + url and etcd lookup plugins
  - Security fixes to the zone (Solaris containers), jail (bsd
    containers), and chroot connection plugins.  These plugins can be
    used to connect to their respective container types in leiu of the
    standard ssh connection.  Prior to this fix being applied these
    connection plugins didn't properly handle symlinks within the containers
    which could lead to files intended to be written to or read from the
    container being written to or read from the host system instead. (CVE
    pending)
  - Fixed a bug in the service module where init scripts were being
    incorrectly used instead of upstart/systemd.
  - Fixed a bug where sudo/su settings were not inherited from
    ansible.cfg correctly.
  - Fixed a bug in the rds module where a traceback may occur due to an
    unbound variable.
  - Fixed a bug where certain remote file systems where the SELinux
    context was not being properly set.
  - Re-enabled several windows modules which had been partially merged
    (via action plugins):
  + win_copy.ps1
  + win_copy.py
  + win_file.ps1
  + win_file.py
  + win_template.py
  - Fix bug using with_sequence and a count that is zero.  Also allows
    counting backwards isntead of forwards
  - Fix get_url module bug preventing use of custom ports with https
    urls
  - Fix bug disabling repositories in the yum module.
  - Fix giving yum module a url to install a package from on
    RHEL/CENTOS5
  - Fix bug in dnf module preventing it from working when yum-utils was
    not already installed

- updated to version 1.9.1
  * Fixed a bug related to Kerberos auth when using winrm with a domain account.
  * Fixing several bugs in the s3 module.
  * Fixed a bug with upstart service detection in the service module.
  * Fixed several bugs with the user module when used on OSX.
  * Fixed unicode handling in some module situations (assert and shell/command execution).
  * Fixed a bug in redhat_subscription when using the activationkey parameter.
  * Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
  * Added support for PostgreSQL 9.4 in rds_param_group
  * Several other minor fixes.

- updated to version 1.9.0.1
  * Added kerberos support to winrm connection plugin.
  * Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special
    tags and normalized tag resolution.  Added tag information to
  - -list-tasks and new --list-tags option.
  * Privilege Escalation generalization, new 'Become' system and variables
    now will handle existing and new methods.  Sudo and su have been kept
    for backwards compatibility.  New methods pbrun and pfexec in 'alpha'
    state, planned adding 'runas' for winrm connection plugin.
  * Improved ssh connection error reporting, now you get back the specific
    message from ssh.
  * Added facility to document task module return values for registered
    vars, both for ansible-doc and the docsite.  Documented copy, stats and
    acl modules, the rest must be updated individually (we will start doing
    so incrementally).
  * Optimize the plugin loader to cache available plugins much more
    efficiently.  For some use cases this can lead to dramatic improvements
    in startup time.
  * Overhaul of the checksum system, now supports more systems and more
    cases more reliably and uniformly.
  * Fix skipped tasks to not display their parameters if no_log is specified.
  * Many fixes to unicode support, standarized functions to make it easier
    to add to input/output boundries.
  * Added travis integration to github for basic tests, this should speed
    up ticket triage and merging.
  * environment: directive now can also be applied to play and is
    inhertited by tasks, which can still override it.
  * expanded facts and OS/distribution support for existing facts and
    improved performance with pypy.
  * new 'wantlist' option to lookups allows for selecting a list typed
    variable vs a command delimited string as the return.
  * the shared module code for file backups now uses a timestamp resolution
    of seconds (previouslly minutes).
  * allow for empty inventories, this is now a warning and not an error
  (for those using localhost and cloud modules).
  * sped up YAML parsing in ansible by up to 25% by switching to CParser loader.
- more info at:
  https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015

- updated to version 1.8.4 from 1.8.2
  * Fixed regressions in ec2 and mount modules, introduced in 1.8.3
  * Fixing a security bug related to the default permissions set on a
  tempoary file created when using "ansible-vault view ".
  * Many bug fixes, for both core code and core modules.

- updated to version 1.8.2 from 1.8.1
  * Windows modules should now be packaged correctly.
  * A bug regarding wildcard grant strings in the mysql_user module has been fixed.
  * Several other bugs regarding the postgresql modules have also been fixed.

- enable build for older RHEL and SLE distributions

- updated package to latest release ## 1.8.1 "You Really Got Me"
  * Various bug fixes in postgresql and mysql modules.
  * Fixed a bug related to lookup plugins used within roles not
    finding files based on the relative paths to the roles files/ directory.
  * Fixed a bug related to vars specified in plays being templated too early,
    resulting in incorrect variable interpolation.
  * Fixed a bug related to git submodules in bare repos.
  * fact caching support, pluggable, initially supports Redis (DOCS pending)
  * 'serial' size in a rolling update can be specified as a percentage
  * added new Jinja2 filters, 'min' and 'max' that take lists
  * new 'ansible_version' variable available contains a dictionary of version info
  * For ec2 dynamic inventory, ec2.ini can has various new configuration options
  * 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
  * no_log parameter now surpressess data from callbacks/output as well as syslog
  * ansible-galaxy install -f requirements.yml allows advanced options and installs
    from non-galaxy SCM sources and tarballs.
  * command_warnings feature will warn about when usage of the shell/command module
    can be simplified to use core modules - this can be enabled in ansible.cfg
  * new omit value can be used to leave off a parameter when not set, like so
    module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
    an empty value) if c was not set.
  * developers: 'baby JSON' in module responses, originally intended for writing modules
    in bash, is removed as a feature to simplify logic, script module remains available
    for running bash scripts.
  * async jobs started in "fire & forget" mode can now be checked on at a later time.
  * added ability to subcategorize modules for docs.ansible.com
  * added ability for shipped modules to have aliases with symlinks
  * added ability to deprecate older modules by starting with "_" and
    including "deprecated: message why" in module docs
  + New Modules:
  * cloud: rax_cdb - manages Rackspace Cloud Database instances
  * cloud: rax_cdb_database - manages Rackspace Cloud Databases
  * cloud: rax_cdb_user - manages Rackspace Cloud Database users
  * monitoring: zabbix_maintaince - handles outage windows with Zabbix
  * monitoring: bigpanda - support for bigpanda
  * net_infrastructure: a10_server - manages server objects on A10 devices
  * net_infrastructure: a10_service_group - manages service group objects on A10 devices
  * net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices
  * system: getent - read getent databases
  + Some other notable changes:
  * added the ability to set "instance filters" in the ec2.ini to limit results
    from the inventory plugin.
  * upgrades for various variable precedence items and parsing related items
  * added a new "follow" parameter to the file and copy modules, which allows
    actions to be taken on the target of a symlink rather than the symlink itself.
  * if a module should ever traceback, it will return a standard error, catchable
    by ignore_errors, versus an 'unreachable'
  * ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized.
  * ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options.
  * support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.).
  * docker: Added support for specifying the net type of the container.
  * docker: support for specifying read-only volumes.
  * docker: support for specifying the API version to use for the remote connection.
  * openstack modules: various improvements
  * irc: ssl support for the notification module
  * npm: fix flags passed to package installation
  * windows: improved error handling
  * setup: additional facts on System Z
  * apt_repository: certificate validation can be disabled if requested
  * pagerduty module: misc improvements
  * ec2_lc: public_ip boolean configurable in launch configurations
  * ec2_asg: fixes related to proper termination of an autoscaling group
  * win_setup: total memory fact correction
  * ec2_vol: ability to list existing volumes
  * ec2: can set optimized flag
  * various parser improvements
  * produce a friendly error message if the SSH key is too permissive
  * ec2_ami_search: support for SSD and IOPS provisioned EBS images
  * can set ansible_sudo_exe as an inventory variable which allows specifying
    a different sudo (or equivalent) command
  * git module: Submodule handling has changed.  Previously if you used the
    "recursive" parameter to handle submodules, ansible would track the
    submodule upstream's head revision.  This has been changed to checkout the
    version of the submodule specified in the superproject's git repository.
    This is inline with what git submodule update does.  If you want the old
    behaviour use the new module parameter track_submodules=yes
  * Checksumming of transferred files has been made more portable and now uses
    the sha1 algorithm instead of md5 to be compatible with FIPS-140.
  + As a small side effect, the fetch module no longer returns a useful value
    in remote_md5.  If you need a replacement, switch to using remote_checksum
    which returns the sha1sum of the remote file.
  * ansible-doc CLI tool contains various improvements for working with different terminals

- update to 1.7.2:
  - Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
  - Fixes a bug in vault where the password file option was not being used correctly internally.
  - Improved multi-line parsing when using YAML literal blocks (using > or |).
  - Fixed a bug with the file module and the creation of relative symlinks.
  - Fixed a bug where checkmode was not being honored during the templating of files.
  - Other various bug fixes.
- Switch to xz for source package

- add python-pywinrm to requirements to enable windows hosts automation

- update to 1.7.1:
  Major new features:
  + Windows support (alpha) using native PowerShell remoting
  + Tasks can now specify run_once: true, meaning they will be executed
    exactly once. This can be combined with delegate_to to trigger actions
    you want done just the one time versus for every host in inventory.
  New Modules:
  + cloud: azure
  + cloud: rax_meta
  + cloud: rax_scaling_group
  + cloud: rax_scaling_policy
  + windows: version of setup module
  + windows: version of slurp module
  + windows: win_feature
  + windows: win_get_url
  + windows: win_msi
  + windows: win_ping
  + windows: win_user
  + windows: win_service
  + windows: win_group
  New inventory scripts:
  + SoftLayer
  + Windows Azure
  Docker module bug fixes:
  + Fixed support for specifying rw/ro bind modes for volumes
  + Fixed support for allowing the tag in the image parameter
  Other notable changes:
  + Performance enhancements related to previous security fixes, which
    could cause slowness when modules returned very large JSON results.
    This specifically impacted the unarchive module frequently, which
    returns the details of all unarchived files in the result.
  + Inventory speed improvements for very large inventories.
  + Vault password files can now be executable, to support scripts
    that fetch the vault password.
  + Fixes an issue with the copy module when copying a directory that