Rudder

This GM should be able to add aces to a given file or set of file, without impacting the already defined other aces.

The "path" parameter will support the regex type defined here: https://docs.cfengine.com/docs/3.13/reference-functions-findfiles.html
Each file will have a dedicated line in the reporting but only one global report will be send.
Ex: /tmp/myDir/* will apply to every file and directory in /tmp/myDir

The current syntax for user or group ace must respect the format: ^$|[A-z0-9._-]+:[+-]r?w?x?$
Ex: myuser:+rwx, mystupidUser:-rwx
Syntax for "other" must respect the format: ^$|[+-]r?w?x?

Each parameter left blank will have no effect on the file.
Default mode for the recursivity will be "false".

It can be recursive or not, but can not modify the "default" ACLs of a given directory.