Ansible - acl module (access control list getfacl setfacl)

If you are not familiar with modules, check out Ansible - Getting Started with Modules.

The acl module is used to create and modify access control list entries, similar to the getfacl and setfacl commands.In this example, an ACL entry is set on the /var/www directory so that by default john.doe (user) has rwx permission.

- name: setfacl --default --modify user:webadmin:rwx /var/www
  acl:
    path: /var/www
    entity: webadmin
    etype: user
    permissions: rwx
    state: present
    default: yes

 

In this example, an ACL entry is set on the /var/www directory so that by default the webgroup group has rwx permission.

- name: setfacl --default --modify group:webgroup:rwx /var/www
  acl:
    path: /var/www
    entity: webgroup
    etype: group
    permissions: rwx
    state: present
    default: yes

 

In this example, an ACL entry is set on the /var/www directory so that by default other has r (read only) permission.

- name: setfacl --default --modify group:webgroup:rwx /var/www
  acl:
    path: /var/www
    etype: other
    permissions: r
    state: present
    default: yes

 

The recursive option can be used to apply the ACL change to every file and directory below the parent directory.

- name: setfacl --default --modify g:webgroup:rwx /var/www
  acl:
    path: /var/www
    entity: webgroup
    etype: group
    permissions: rwx
    state: present
    default: yes
    recursive: true

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter 58924 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |