Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3212

Unable to clear ACLs of files/dirs

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: 3.10.3
    • Fix Version/s: None
    • Component/s: cf-agent
    • Labels:

      Description

      (Systems: CFEngine community 3.10.3; RHEL7).

      We have some historical files promises that applied ACLs to particular directories and files (in addition to a usual "perms => mog(...)" clause):

          files:
              some_class::
               "some_file_or_dir"
                 perms => mog(...),
                 acl => our_acl_body(...);
      

      We now wish to promise to remove those detailed ACLs, so that the file/dir permissions are solely traditional "user/group/other rwxrwxrwx" (via the "perms => mog(...)").

      It's not clear from the documentation how to adjust this to achieve the "only the 'mog(...)'" result. Given that even the "setfacl(1)" command has a separate, explicit "--remove" flag, I suspect that CFEngine currently lacks this capability.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            davidlee David Lee
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: