Added writable_acl_groups
option to acl mode in deploy:writable
#3957
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
Managing writable files owned by the
http_user
can be challenging in environments where multiple auxiliary users need editing access. A common solution is to usesetfacl
to assign appropriate permissions for specified groups.What's New?
This PR enhances the
acl
mode in thedeploy:writable
task by introducing a new option:writable_acl_groups
. This option allows you to specify a list of group names that will be passed to allsetfacl
commands in thedeploy:writable
task.The
writable_acl_groups
option defaults to[]
, ensuring full backward compatibility without breaking existing implementations.Example Usage
Given the following settings:
Deployer will execute the following commands:
This will produce the following
getfacl
output for directories:And the following output for files:
Checklist