Bootstrap FreeKB - Ansible - Create and modify access control list entries using the acl module
Ansible - Create and modify access control list entries using the acl module

Updated:   |  Ansible articles

If you are not familiar with modules, check out Ansible - Getting Started with Modules.

The acl module is used to create and modify access control list entries, similar to the getfacl and setfacl commands.In this example, an ACL entry is set on the /var/www directory so that by default john.doe (user) has rwx permission.

- name: setfacl --default --modify user:webadmin:rwx /var/www
  acl:
    path: /var/www
    entity: webadmin
    etype: user
    permissions: rwx
    state: present
    default: yes

 

In this example, an ACL entry is set on the /var/www directory so that by default the webgroup group has rwx permission.

- name: setfacl --default --modify group:webgroup:rwx /var/www
  acl:
    path: /var/www
    entity: webgroup
    etype: group
    permissions: rwx
    state: present
    default: yes

 

In this example, an ACL entry is set on the /var/www directory so that by default other has r (read only) permission.

- name: setfacl --default --modify group:webgroup:rwx /var/www
  acl:
    path: /var/www
    etype: other
    permissions: r
    state: present
    default: yes

 

The recursive option can be used to apply the ACL change to every file and directory below the parent directory.

- name: setfacl --default --modify g:webgroup:rwx /var/www
  acl:
    path: /var/www
    entity: webgroup
    etype: group
    permissions: rwx
    state: present
    default: yes
    recursive: true

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 606370 in the box below so that we can be sure you are a human.