Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3212

Unable to clear ACLs of files/dirs

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: 3.10.3
    • Fix Version/s: None
    • Component/s: cf-agent
    • Labels:
    • Platform:
      RHEL or CentOS
    • Found in version (details):
      3.10.3

      Description

      (Systems: CFEngine community 3.10.3; RHEL7).

      We have some historical files promises that applied ACLs to particular directories and files (in addition to a usual "perms => mog(...)" clause):

          files:
              some_class::
               "some_file_or_dir"
                 perms => mog(...),
                 acl => our_acl_body(...);
      

      We now wish to promise to remove those detailed ACLs, so that the file/dir permissions are solely traditional "user/group/other rwxrwxrwx" (via the "perms => mog(...)").

      It's not clear from the documentation how to adjust this to achieve the "only the 'mog(...)'" result. Given that even the "setfacl(1)" command has a separate, explicit "--remove" flag, I suspect that CFEngine currently lacks this capability.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              davidlee David Lee
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Summary Panel