acl – Set and retrieve file ACL information¶
aclmodule requires that ACLs are enabled on the target filesystem and that the
getfaclbinaries are installed.
- As of Ansible 2.0, this module only supports Linux distributions.
- As of Ansible 2.3, the name option has been changed to path as default, but name still works as well.
- name: Grant user Joe read access to a file acl: path: /etc/foo.conf entity: joe etype: user permissions: r state: present - name: Removes the ACL for Joe on a specific file acl: path: /etc/foo.conf entity: joe etype: user state: absent - name: Sets default ACL for joe on /etc/foo.d/ acl: path: /etc/foo.d/ entity: joe etype: user permissions: rw default: yes state: present - name: Same as previous but using entry shorthand acl: path: /etc/foo.d/ entry: default:user:joe:rw- state: present - name: Obtain the ACL for a specific file acl: path: /etc/foo.conf register: acl_info
Common return values are documented here, the following are the fields unique to this module:
Current ACL on provided path (after changes, if any)
['user::rwx', 'group::rwx', 'other::rwx']