Recommended update for ansible-sap-install, ansible-sap-infrastructure, ansible-sap-infrastructure

Announcement ID: SUSE-RU-2025:02738-1
Release Date: 2025-08-08T08:23:20Z
Rating: moderate
References:
Affected Products:
  • openSUSE Leap 15.5
  • SAP Applications Module 15-SP5
  • SAP Applications Module 15-SP6
  • SAP Applications Module 15-SP7
  • SUSE Linux Enterprise Server for SAP Applications 15 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

Description:

This update for ansible-sap-install, ansible-sap-infrastructure, ansible-sap-infrastructure fixes the following issues:

ansible-sap-install: - Minor Changes: - New Feature - Add handling of OS specific vars - New Feature - SLES16 support, new vars for ha_cluster for corosync and zypper patterns - New Feature - Allow /software NFS mount - Add missing RHEL 10.x vars - Modify the kernel command line for SELinux also for RHEL 10 - Use the correct sap.conf file for RHEL 10 - SAP HANA scaleup post steps updated - Add opt-out for setting sidadm to noexpire - Bugfixes: - Fix documentation link in galaxy.yml - Make SELinux booleans persistent - Add retry attempts to zypper pattern installation - Update SLES16 pattern names and add packages for hardened images - Remove python3-rpm dependency in pre_steps_hana - Resolve situation with empty domain, but not undefined - Ensure sap_swpm_product_catalog_id is a string - Fix TEMP handling - Require inifile.params only on the managed node when reusing an existing inifile.params. - Sanitize hostname length - Remove duplicates from credentials_hana section

ansible-sap-infrastructure: - Minor Changes: - Allow Bastion SSH Proxy or direct (e.g. VPN) for all Infrastructure Platforms

ansible-sap-playbooks - Minor Changes: - Comply with Security regulations - Remove all hardcoded passwords - Add validation for placeholder and empty passwords to fail playbook at beginning - Update readme with warnings and explanations for password usage - Add recommended steps to use Ansible Vault - Bugfixes - Change few variables with 'true' to true where it was required (identified during testing) - Fix readme typo with incorrect role name. - Remove executable flag from yml files and fix typos in interactive mode

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SAP Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-2738=1
  • SAP Applications Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP7-2025-2738=1
  • openSUSE Leap 15.5
    zypper in -t patch SUSE-2025-2738=1
  • SAP Applications Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2025-2738=1

Package List:

  • SAP Applications Module 15-SP6 (noarch)
    • ansible-sap-install-1.6.0-150500.11.6.1
    • ansible-sap-playbooks-1.2.0-150500.11.3.1
    • ansible-sap-infrastructure-1.1.3-150500.11.6.1
  • SAP Applications Module 15-SP7 (noarch)
    • ansible-sap-install-1.6.0-150500.11.6.1
    • ansible-sap-playbooks-1.2.0-150500.11.3.1
    • ansible-sap-infrastructure-1.1.3-150500.11.6.1
  • openSUSE Leap 15.5 (noarch)
    • ansible-sap-install-1.6.0-150500.11.6.1
    • ansible-sap-playbooks-1.2.0-150500.11.3.1
    • ansible-sap-infrastructure-1.1.3-150500.11.6.1
  • SAP Applications Module 15-SP5 (noarch)
    • ansible-sap-install-1.6.0-150500.11.6.1
    • ansible-sap-playbooks-1.2.0-150500.11.3.1
    • ansible-sap-infrastructure-1.1.3-150500.11.6.1