Add nomask option to the acl module (#39810)
* Add nomask option to the acl module * acl: allow to choose if and when to recalculate the effective right masks of the files
This commit is contained in:
parent
c4bf168940
commit
9b0883c70d
1 changed files with 30 additions and 6 deletions
|
@ -73,6 +73,14 @@ options:
|
|||
type: bool
|
||||
default: 'no'
|
||||
version_added: "2.0"
|
||||
|
||||
recalculate_mask:
|
||||
description:
|
||||
- Select if and when to recalculate the effective right masks of the files, see setfacl documentation for more info. Incompatible with C(state=query).
|
||||
choices: [ default, mask, no_mask ]
|
||||
default: 'default'
|
||||
version_added: "2.6"
|
||||
|
||||
author:
|
||||
- Brian Coca (@bcoca)
|
||||
- Jérémie Astori (@astorije)
|
||||
|
@ -174,7 +182,7 @@ def build_entry(etype, entity, permissions=None, use_nfsv4_acls=False):
|
|||
return etype + ':' + entity
|
||||
|
||||
|
||||
def build_command(module, mode, path, follow, default, recursive, entry=''):
|
||||
def build_command(module, mode, path, follow, default, recursive, recalculate_mask, entry=''):
|
||||
'''Builds and returns a getfacl/setfacl command.'''
|
||||
if mode == 'set':
|
||||
cmd = [module.get_bin_path('setfacl', True)]
|
||||
|
@ -192,6 +200,11 @@ def build_command(module, mode, path, follow, default, recursive, entry=''):
|
|||
if recursive:
|
||||
cmd.append('--recursive')
|
||||
|
||||
if recalculate_mask == 'mask' and mode in ['set', 'rm']:
|
||||
cmd.append('--mask')
|
||||
elif recalculate_mask == 'no_mask' and mode in ['set', 'rm']:
|
||||
cmd.append('--no-mask')
|
||||
|
||||
if not follow:
|
||||
if get_platform().lower() == 'linux':
|
||||
cmd.append('--physical')
|
||||
|
@ -261,6 +274,12 @@ def main():
|
|||
follow=dict(required=False, type='bool', default=True),
|
||||
default=dict(required=False, type='bool', default=False),
|
||||
recursive=dict(required=False, type='bool', default=False),
|
||||
recalculate_mask=dict(
|
||||
required=False,
|
||||
default='default',
|
||||
choices=['default', 'mask', 'no_mask'],
|
||||
type='str'
|
||||
),
|
||||
use_nfsv4_acls=dict(required=False, type='bool', default=False)
|
||||
),
|
||||
supports_check_mode=True,
|
||||
|
@ -278,13 +297,18 @@ def main():
|
|||
follow = module.params.get('follow')
|
||||
default = module.params.get('default')
|
||||
recursive = module.params.get('recursive')
|
||||
recalculate_mask = module.params.get('recalculate_mask')
|
||||
use_nfsv4_acls = module.params.get('use_nfsv4_acls')
|
||||
|
||||
if not os.path.exists(path):
|
||||
module.fail_json(msg="Path not found or not accessible.")
|
||||
|
||||
if state == 'query' and recursive:
|
||||
module.fail_json(msg="'recursive' MUST NOT be set when 'state=query'.")
|
||||
if state == 'query':
|
||||
if recursive:
|
||||
module.fail_json(msg="'recursive' MUST NOT be set when 'state=query'.")
|
||||
|
||||
if recalculate_mask in ['mask', 'no_mask']:
|
||||
module.fail_json(msg="'recalculate_mask' MUST NOT be set to 'mask' or 'no_mask' when 'state=query'.")
|
||||
|
||||
if not entry:
|
||||
if state == 'absent' and permissions:
|
||||
|
@ -324,7 +348,7 @@ def main():
|
|||
entry = build_entry(etype, entity, permissions, use_nfsv4_acls)
|
||||
command = build_command(
|
||||
module, 'set', path, follow,
|
||||
default, recursive, entry
|
||||
default, recursive, recalculate_mask, entry
|
||||
)
|
||||
changed = acl_changed(module, command)
|
||||
|
||||
|
@ -336,7 +360,7 @@ def main():
|
|||
entry = build_entry(etype, entity, use_nfsv4_acls)
|
||||
command = build_command(
|
||||
module, 'rm', path, follow,
|
||||
default, recursive, entry
|
||||
default, recursive, recalculate_mask, entry
|
||||
)
|
||||
changed = acl_changed(module, command)
|
||||
|
||||
|
@ -349,7 +373,7 @@ def main():
|
|||
|
||||
acl = run_acl(
|
||||
module,
|
||||
build_command(module, 'get', path, follow, default, recursive)
|
||||
build_command(module, 'get', path, follow, default, recursive, recalculate_mask)
|
||||
)
|
||||
|
||||
module.exit_json(changed=changed, msg=msg, acl=acl)
|
||||
|
|
Loading…
Reference in a new issue