This cookbook is only being tested against Chef 11.4.4 at this time.
In order to use this cookbook, you'll need to "wrap" it in an implementing cookbook with all of the ACL templates, or specific ACL patterns you wish to apply.
To begin, simply add include_recipe "posix-acl::default" to your implementing cookbook. This
will ensure that acl support is enabled and that the requisite OS package is installed.
After adding the default recipe, you will need to override the default attributes so that they match your environment.
This is an example of how to create a template from within your wrapper cookbook:
posix_acl_manage_template 'vagrant_template' do
action :create # This can also be :delete
template_name 'vagrant_template'
template_content %w{
user::rwx
user:vagrant:rwx
group::rwx
group:vagrant:rwx
mask::rwx
other::r-X
default:user::rwx
default:user:vagrant:rwx
default:group::rwx
default:group:vagrant:rwx
default:mask::rwx
default:other::r-X
}
endThis is an example of applying ACLs from a template that has been created:
posix_acl_manage_acl 'apply_vagrant' do action :apply # This can also be :remove apply_to '/opt' # The path to apply ACLs to. template_name 'vagrant_template' # If you are removing ACLs, you don't need this. recursive true # If your 'apply_to' value is a file, this must be false. end
default['posix_acl']['fstab_path'] = '/etc/fstab'
default['posix_acl']['fstab_backup'] = '/etc/fstab.bak'
This is the physical device (or partition label) you wish for the cookbook to enable ACLs on. e.g. - "/dev/sda1" (or just "sda1" is ok) or "LABEL=server-store
default['posix_acl']['mount_point_device'] = 'LABEL=cloudimg-rootfs'
default['posix_acl']['mount_point'] = '/'
default['posix_acl']['template_store'] = '/usr/local/lib'
Author:: Jon Chappell ([email protected])