ansible / ansible.posix / 1.5.4 / module / acl Set and retrieve file ACL information. | "added in version" 1.0.0 of ansible.posix" Authors: Brian Coca (@bcoca), Jérémie Astori (@astorije)ansible.posix.acl (1.5.4) — module
Install with ansible-galaxy collection install ansible.posix:==1.5.4
collections: - name: ansible.posix version: 1.5.4
Set and retrieve file ACL information.
- name: Grant user Joe read access to a file ansible.posix.acl: path: /etc/foo.conf entity: joe etype: user permissions: r state: present
- name: Removes the ACL for Joe on a specific file ansible.posix.acl: path: /etc/foo.conf entity: joe etype: user state: absent
- name: Sets default ACL for joe on /etc/foo.d/ ansible.posix.acl: path: /etc/foo.d/ entity: joe etype: user permissions: rw default: true state: present
- name: Same as previous but using entry shorthand ansible.posix.acl: path: /etc/foo.d/ entry: default:user:joe:rw- state: present
- name: Obtain the ACL for a specific file ansible.posix.acl: path: /etc/foo.conf register: acl_info
path: aliases: - name description: - The full path of the file or object. required: true type: path entry: description: - DEPRECATED. - The ACL to set or remove. - This must always be quoted in the form of C(<etype>:<qualifier>:<perms>). - The qualifier may be empty for some types, but the type and perms are always required. - C(-) can be used as placeholder when you do not care about permissions. - This is now superseded by entity, type and permissions fields. type: str etype: choices: - group - mask - other - user description: - The entity type of the ACL to apply, see C(setfacl) documentation for more info. type: str state: choices: - absent - present - query default: query description: - Define whether the ACL should be present or not. - The C(query) state gets the current ACL without changing it, for use in C(register) operations. type: str entity: default: '' description: - The actual user or group that the ACL applies to when matching entity types user or group are selected. type: str follow: default: true description: - Whether to follow symlinks on the path if a symlink is encountered. type: bool default: default: false description: - If the target is a directory, setting this to C(true) will make it the default ACL for entities created inside the directory. - Setting C(default) to C(true) causes an error if the path is a file. type: bool recursive: aliases: - recurse default: false description: - Recursively sets the specified ACL. - Incompatible with C(state=query). - Alias C(recurse) added in version 1.3.0. type: bool permissions: description: - The permissions to apply/remove can be any combination of C(r), C(w), C(x) - (read, write and execute respectively), and C(X) (execute permission if the file is a directory or already has execute permission for some user) type: str use_nfsv4_acls: default: false description: - Use NFSv4 ACLs instead of POSIX ACLs. type: bool recalculate_mask: choices: - default - mask - no_mask default: default description: - Select if and when to recalculate the effective right masks of the files. - See C(setfacl) documentation for more info. - Incompatible with C(state=query). type: str
acl: description: Current ACL on provided path (after changes, if any) returned: success sample: - user::rwx - group::rwx - other::rwx type: list