posix_acl::requirements: install the acl package
posix_acl: Ensures that a set of ACL permissions are applied to a given file or directory. Example: posix_acl { '/var/www/html': action
install the acl package
Ensures that a set of ACL permissions are applied to a given file or directory.
Example:
posix_acl { '/var/www/html':
action => exact,
permission => [
'user::rwx',
'group::r-x',
'mask::rwx',
'other::r--',
'default:user::rwx',
'default:user:www-data:r-x',
'default:group::r-x',
'default:mask::rwx',
'default:other::r--',
],
provider => posixacl,
recursive => true,
}
In this example, Puppet will ensure that the user and group permissions are set recursively on /var/www/html as well as add default permissions that will apply to new directories and files created under /var/www/html
Setting an ACL can change a file's mode bits, so if the file is managed by a File resource, that resource needs to set the mode bits according to what the calculated mode bits will be, for example, the File resource for the ACL above should be:
file { '/var/www/html':
mode => 754,
}
The following properties are available in the posix_acl type.
ACL permission(s).
The following parameters are available in the posix_acl type.
Valid values: set, unset, exact, purge
What do we do with this list of ACLs? Options are set, unset, exact, and purge
Default value: set
Valid values: false, quiet, notify
What to do if files are missing: false: fail run, quiet: quietly do nothing, notify: do not try to to set ACL, but add notice to run
Default value: false
namevar
The file or directory to which the ACL applies.
The specific backend to use for this posix_acl resource. You will seldom need to specify this --- Puppet will usually
discover the appropriate provider for your platform.
Valid values: lazy, deep
Should Puppet apply the ACL recursively with the -R option or apply it to individual files?
lazy means -R option deep means apply to every file
Default value: lazy
Valid values: true, false
Apply ACLs recursively.
Default value: false