Project

General

Profile

Actions

User story #12271

open

Generic method to set POSIX ACL

Added by François ARMAND over 6 years ago. Updated over 1 year ago.

Status:
New
Priority:
N/A
Category:
Generic methods
UX impact:
Suggestion strength:
Require - I need this to use Rudder as I intend
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Name check:
Fix check:
Regression:

Description

We want to provide generic methods for POSIX ACL.

The requirements are:

- we need to be able to manage N ACL on P files in a single Technique built with these generic methods,
- we need to be able to define at minimum a list of files, ideally some fileset

It seems necessary to propose several methods that would let the user choose the reporting level he wants (or need):

- one ACL on one File (very precise, but may become extremely verbose)
- one ACL on a file set
- N ACLs on a file
- N ACLs on a file set.

Even in the case where we have N ACLs on a fileset, we need to provide verbose error message tracing exactly what problem was encountered on what file.

We will need to propose at least 3 kinds of action (and so 3 kinds of methods):

- one that set ACL without touching other existing ones,
- one that set ACL exactly to what is provided as parameter (less prioritary),
- one that remove (one or all) ACLs.

These methods will need to check for libacl support (introduced in #12270) for agent capability support.


Subtasks 3 (0 open3 closed)

User story #14514: Add a generic method to add ACLs on a given fileReleasedNicolas CHARLESActions
Bug #14517: Add a generic method to remove posix ACLReleasedAlexis MoussetActions
User story #14528: Add a generic method to enforce posix ACLRejectedActions

Related issues 2 (0 open2 closed)

Related to Rudder - User story #12270: Add libacl to Rudder agentReleasedAlexis MoussetActions
Related to Rudder - User story #22386: Add a 'Permissions POSIX ACLs entry parent' methodReleasedNicolas CHARLESActions
Actions #1

Updated by François ARMAND over 6 years ago

Actions #2

Updated by François ARMAND over 6 years ago

  • Description updated (diff)
Actions #3

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.0~rc2 to 4.3.0~rc3
Actions #4

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.0~rc3 to 4.3.0
Actions #5

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.0 to 4.3.1
Actions #6

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.1 to 4.3.2
Actions #7

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.2 to 410
Actions #8

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 410 to 4.3.2
Actions #9

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.2 to 4.3.3
Actions #10

Updated by Vincent MEMBRÉ over 6 years ago

  • Target version changed from 4.3.3 to 4.3.4
Actions #11

Updated by Benoît PECCATTE over 6 years ago

  • Target version changed from 4.3.4 to 4.3.5
Actions #12

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.3.5 to 4.3.6
Actions #13

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.3.6 to 4.3.7
Actions #14

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.3.7 to 4.3.8
Actions #15

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.3.8 to 4.3.9
Actions #16

Updated by Alexis Mousset almost 6 years ago

  • Target version changed from 4.3.9 to 4.3.10
Actions #17

Updated by François ARMAND over 5 years ago

  • Target version changed from 4.3.10 to 4.3.11
Actions #18

Updated by Félix DALLIDET over 5 years ago

  • Status changed from New to In progress
  • Assignee set to Félix DALLIDET
Actions #20

Updated by Félix DALLIDET over 5 years ago

After working a bit with the cfengine lib, we can not yet:
-Force/remove a given component ACL. Ex: I want to remove all user specific ACL, but not change the group or other one.
-Manage the default ACLs on directories without enforcing all the complete list of ACEs at once.

We can:
-Add/remove specific ACEs for given user/group/other, but not for the default ones on directories
-Remove ACL of a file, and get back to a classic Unix right system
-Force a complete set of ACL, it is the only way to set "default" ACLs on directories that I could find.

Actions #21

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.3.11 to 4.3.12
Actions #22

Updated by Benoît PECCATTE over 5 years ago

  • Target version changed from 4.3.12 to 5.0.10
Actions #23

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 5.0.10 to 5.0.11
Actions #24

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 5.0.11 to 5.0.12
Actions #25

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 5.0.12 to 5.0.13
Actions #26

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.13 to 5.0.14
Actions #27

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #28

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 5.0.15 to 5.0.16
Actions #29

Updated by Alexis Mousset almost 5 years ago

  • Target version changed from 5.0.16 to 5.0.17
Actions #30

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.17 to 5.0.18
Actions #31

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.18 to 5.0.19
Actions #32

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.19 to 5.0.20
Actions #33

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.20 to 797
Actions #34

Updated by Benoît PECCATTE over 3 years ago

  • Target version changed from 797 to 6.1.14
Actions #35

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.14 to 6.1.15
Actions #36

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.15 to 6.1.16
Actions #37

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.16 to 6.1.17
Actions #38

Updated by Benoît PECCATTE about 3 years ago

  • Project changed from 41 to Rudder
  • Category changed from Generic methods - File Management to Generic methods
Actions #39

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.17 to 6.1.18
Actions #40

Updated by Vincent MEMBRÉ almost 3 years ago

  • Target version changed from 6.1.18 to 6.1.19
Actions #41

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.19 to 6.1.20
Actions #42

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.20 to 6.1.21
Actions #44

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.21 to old 6.1 issues to relocate
Actions #45

Updated by Alexis Mousset over 1 year ago

  • Status changed from In progress to New
Actions #46

Updated by Alexis Mousset over 1 year ago

  • Related to User story #22386: Add a 'Permissions POSIX ACLs entry parent' method added
Actions #47

Updated by Alexis Mousset over 1 year ago

  • Target version changed from old 6.1 issues to relocate to Ideas (not version specific)
Actions

Also available in: Atom PDF