O'Reilly logo

CFEngine 3 Beginner's Guide by Rajneesh

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Access control using CFEngine

Access control using an access control list (acl) may be used to defined access for various users on specific files and directories. This is an agent control promise. This is available only in CFEngine Nova or above. Let's see the syntax for setting ACLs:

  • acl (compound body)
    • Type: ext body
    • 'aces' Type: slist
    • Allowed input range: ((user|group):[^:]+:[-=+,rwx()dtTabBpcoD]*(:
    • (allow|deny))?)|((all|mask) =+,rwx()]*(:(allow|deny))?)

      The 'aces' constraint type defines the native settings for access control lists.

  • 'acl_directory_inherit'
    • Type: (menu option)
    • Allowed input range: nochange, parent, specify, clear

      A directory has default ACLs associated with them but in addition to this the ACLs may be inherited by the directories of ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required