Merge pull request #1947 from astorije/astorije/fix-acl

Fix the acl module
reviewable/pr18780/r1
James Cammarata 10 years ago
commit 310cf77edc

@ -21,7 +21,7 @@ module: acl
version_added: "1.4" version_added: "1.4"
short_description: Sets and retrieves file ACL information. short_description: Sets and retrieves file ACL information.
description: description:
- Sets and retrieves file ACL information. - Sets and retrieves file ACL information.
notes: notes:
- As of Ansible 2.0, this module only supports Linux distributions. - As of Ansible 2.0, this module only supports Linux distributions.
options: options:
@ -122,21 +122,15 @@ acl:
sample: [ "user::rwx", "group::rwx", "other::rwx" ] sample: [ "user::rwx", "group::rwx", "other::rwx" ]
''' '''
def split_entry(entry): def split_entry(entry):
''' splits entry and ensures normalized return''' ''' splits entry and ensures normalized return'''
a = entry.split(':') a = entry.split(':')
a.reverse() if len(a) == 2:
if len(a) == 3: a.append(None)
a.append(False)
try:
p, e, t, d = a
except ValueError, e:
print "wtf?? %s => %s" % (entry, a)
raise e
if d: t, e, p = a
d = True
if t.startswith("u"): if t.startswith("u"):
t = "user" t = "user"
@ -149,7 +143,7 @@ def split_entry(entry):
else: else:
t = None t = None
return [d, t, e, p] return [t, e, p]
def build_entry(etype, entity, permissions=None): def build_entry(etype, entity, permissions=None):
@ -161,7 +155,7 @@ def build_entry(etype, entity, permissions=None):
def build_command(module, mode, path, follow, default, recursive, entry=''): def build_command(module, mode, path, follow, default, recursive, entry=''):
'''Builds and returns agetfacl/setfacl command.''' '''Builds and returns a getfacl/setfacl command.'''
if mode == 'set': if mode == 'set':
cmd = [module.get_bin_path('setfacl', True)] cmd = [module.get_bin_path('setfacl', True)]
cmd.append('-m "%s"' % entry) cmd.append('-m "%s"' % entry)
@ -178,7 +172,7 @@ def build_command(module, mode, path, follow, default, recursive, entry=''):
cmd.append('--recursive') cmd.append('--recursive')
if not follow: if not follow:
cmd.append('-h') cmd.append('--physical')
if default: if default:
if(mode == 'rm'): if(mode == 'rm'):
@ -198,8 +192,8 @@ def acl_changed(module, cmd):
for line in lines: for line in lines:
if not line.endswith('*,*'): if not line.endswith('*,*'):
return False return True
return True return False
def run_acl(module, cmd, check_rc=True): def run_acl(module, cmd, check_rc=True):
@ -275,13 +269,16 @@ def main():
if etype or entity or permissions: if etype or entity or permissions:
module.fail_json(msg="'entry' MUST NOT be set when 'entity', 'etype' or 'permissions' are set.") module.fail_json(msg="'entry' MUST NOT be set when 'entity', 'etype' or 'permissions' are set.")
if state == 'present' and entry.count(":") != 3: if state == 'present' and entry.count(":") != 2:
module.fail_json(msg="'entry' MUST have 3 sections divided by ':' when 'state=present'.") module.fail_json(msg="'entry' MUST have 3 sections divided by ':' when 'state=present'.")
if state == 'absent' and entry.count(":") != 2: if state == 'absent' and entry.count(":") != 1:
module.fail_json(msg="'entry' MUST have 2 sections divided by ':' when 'state=absent'.") module.fail_json(msg="'entry' MUST have 2 sections divided by ':' when 'state=absent'.")
default, etype, entity, permissions = split_entry(entry) if state == 'query':
module.fail_json(msg="'entry' MUST NOT be set when 'state=query'.")
etype, entity, permissions = split_entry(entry)
changed = False changed = False
msg = "" msg = ""
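Review bot: In build_command, the `if not follow:` branch now appends `--physical`, but setfacl(1) and getfacl(1) document that option as only effective in combination with `-R`, so with follow=no and recursive=no a symlink passed as `path` would, as far as I can tell, still be dereferenced and the ACL would be applied to its target. That matters when the path lives in a directory another local user can write to, because the operator asked for the link not to be followed. I would add an explicit guard in the non-recursive case (refuse or skip when `path` is a symlink and `follow` is false), or at minimum document the limit beside the flag: `# --physical only applies with --recursive; a symlink given as path is still followed otherwise`. A test that runs the module on a symlink with follow=no and asserts the target's ACL is unchanged would confirm the behaviour either way. build_command starts and ends outside the visible hunks, so how `path` is appended could not be checked here.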
