@ -21,6 +21,8 @@ version_added: "1.4"
short_description : Sets and retrieves file ACL information . short_description : Sets and retrieves file ACL information .
description : description :
- Sets and retrieves file ACL information .
- Sets and retrieves file ACL information .
notes :
- As of Ansible 2.0 , this module only supports Linux distributions .
options : options :
name :
name :
required : true
required : true
@ -80,7 +82,7 @@ options:
- DEPRECATED . The acl to set or remove . This must always be quoted in the form of ' <etype>:<qualifier>:<perms> ' . The qualifier may be empty for some types , but the type and perms are always requried . ' - ' can be used as placeholder when you do not care about permissions . This is now superseded by entity , type and permissions fields .
- DEPRECATED . The acl to set or remove . This must always be quoted in the form of ' <etype>:<qualifier>:<perms> ' . The qualifier may be empty for some types , but the type and perms are always requried . ' - ' can be used as placeholder when you do not care about permissions . This is now superseded by entity , type and permissions fields .
recursive :
recursive :
version_added : " @@@ "
version_added : " 2.0 "
required : false
required : false
default : no
default : no
choices : [ ' yes ' , ' no ' ]
choices : [ ' yes ' , ' no ' ]
@ -150,7 +152,10 @@ def split_entry(entry):
def build_entry ( etype , entity , permissions = None ) : def build_entry ( etype , entity , permissions = None ) :
''' Builds and returns an entry string. Does not include the permissions bit if they are not provided. '''
''' Builds and returns an entry string. Does not include the permissions bit if they are not provided. '''
return etype + ' : ' + entity + ( ' : ' + permissions if permissions else ' ' )
if permissions :
return etype + ' : ' + entity + ' : ' + permissions
else :
return etype + ' : ' + entity
def build_command ( module , mode , path , follow , default , recursive , entry = ' ' ) : def build_command ( module , mode , path , follow , default , recursive , entry = ' ' ) :
@ -163,6 +168,7 @@ def build_command(module, mode, path, follow, default, recursive, entry=''):
cmd . append ( ' -x " %s " ' % entry )
cmd . append ( ' -x " %s " ' % entry )
else : # mode == 'get'
else : # mode == 'get'
cmd = [ module . get_bin_path ( ' getfacl ' , True ) ]
cmd = [ module . get_bin_path ( ' getfacl ' , True ) ]
# prevents absolute path warnings and removes headers
cmd . append ( ' --omit-header ' )
cmd . append ( ' --omit-header ' )
cmd . append ( ' --absolute-names ' )
cmd . append ( ' --absolute-names ' )
@ -187,7 +193,11 @@ def acl_changed(module, cmd):
cmd = cmd [ : ] # lists are mutables so cmd would be overriden without this
cmd = cmd [ : ] # lists are mutables so cmd would be overriden without this
cmd . insert ( 1 , ' --test ' )
cmd . insert ( 1 , ' --test ' )
lines = run_acl ( module , cmd )
lines = run_acl ( module , cmd )
return not all ( line . endswith ( ' *,* ' ) for line in lines )
for line in lines :
if not line . endswith ( ' *,* ' ) :
return False
return True
def run_acl ( module , cmd , check_rc = True ) : def run_acl ( module , cmd , check_rc = True ) :
@ -206,6 +216,9 @@ def run_acl(module, cmd, check_rc=True):
def main ( ) : def main ( ) :
if get_platform ( ) . lower ( ) != ' linux ' :
module . fail_json ( msg = " The acl module is only available for Linux distributions. " )
module = AnsibleModule (
module = AnsibleModule (
argument_spec = dict (
argument_spec = dict (
name = dict ( required = True , aliases = [ ' path ' ] , type = ' str ' ) ,
name = dict ( required = True , aliases = [ ' path ' ] , type = ' str ' ) ,
@ -295,7 +308,7 @@ def main():
run_acl ( module , command , False )
run_acl ( module , command , False )
msg = " %s is absent " % entry
msg = " %s is absent " % entry
el se:
el if stat e == ' query ' :
msg = " current acl "
msg = " current acl "
acl = run_acl (
acl = run_acl (
Jérémie Astori
9 years ago
committed by