salt.modules.linux_acl

Support for Linux File Access Control Lists

The Linux ACL module requires the getfacl and setfacl binaries.

salt.modules.linux_acl.delfacl(acl_type, acl_name='', *args, **kwargs)

Remove specific FACL from the specified file(s)

CLI Examples:

salt '*' acl.delfacl user myuser /tmp/house/kitchen
salt '*' acl.delfacl default:group mygroup /tmp/house/kitchen
salt '*' acl.delfacl d:u myuser /tmp/house/kitchen
salt '*' acl.delfacl g myuser /tmp/house/kitchen /tmp/house/livingroom
salt '*' acl.delfacl user myuser /tmp/house/kitchen recursive=True
salt.modules.linux_acl.getfacl(*args, **kwargs)

Return (extremely verbose) map of FACLs on specified file(s)

CLI Examples:

salt '*' acl.getfacl /tmp/house/kitchen
salt '*' acl.getfacl /tmp/house/kitchen /tmp/house/livingroom
salt '*' acl.getfacl /tmp/house/kitchen /tmp/house/livingroom recursive=True
salt.modules.linux_acl.modfacl(acl_type, acl_name='', perms='', *args, **kwargs)

Add or modify a FACL for the specified file(s)

CLI Examples:

salt '*' acl.modfacl user myuser rwx /tmp/house/kitchen
salt '*' acl.modfacl default:group mygroup rx /tmp/house/kitchen
salt '*' acl.modfacl d:u myuser 7 /tmp/house/kitchen
salt '*' acl.modfacl g mygroup 0 /tmp/house/kitchen /tmp/house/livingroom
salt '*' acl.modfacl user myuser rwx /tmp/house/kitchen recursive=True
salt '*' acl.modfacl user myuser rwx /tmp/house/kitchen raise_err=True
salt.modules.linux_acl.version()

Return facl version from getfacl --version

CLI Example:

salt '*' acl.version
salt.modules.linux_acl.wipefacls(*args, **kwargs)

Remove all FACLs from the specified file(s)

CLI Examples:

salt '*' acl.wipefacls /tmp/house/kitchen
salt '*' acl.wipefacls /tmp/house/kitchen /tmp/house/livingroom
salt '*' acl.wipefacls /tmp/house/kitchen /tmp/house/livingroom recursive=True