Open
Description
SUMMARY
I believe the feature to set default permissions is not working for nfs4_acl
ISSUE TYPE
- Bug Report
COMPONENT NAME
acl
ANSIBLE VERSION
ansible --version
ansible [core 2.17.10]
config file = /root/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /root/ansible/galaxy/ansible_collections
executable location = /usr/bin/ansible
python version = 3.11.2 (main, Nov 30 2024, 21:22:50) [GCC 12.2.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
COLLECTION VERSION
# /root/ansible/galaxy/ansible_collections
Collection Version
------------- -------
ansible.posix 2.0.0
CONFIGURATION
ansible-config dump --only-changed
ANSIBLE_PIPELINING(/root/ansible/ansible.cfg) = True
CALLBACKS_ENABLED(/root/ansible/ansible.cfg) = ['timer', 'profile_tasks', 'profile_roles']
COLLECTIONS_PATHS(/root/ansible/ansible.cfg) = ['/root/ansible/galaxy/ansible_collections']
CONFIG_FILE() = /root/ansible/ansible.cfg
DEFAULT_FORKS(/root/ansible/ansible.cfg) = 10
DEFAULT_GATHERING(/root/ansible/ansible.cfg) = explicit
DEFAULT_HOST_LIST(/root/ansible/ansible.cfg) = ['/root/ansible/inventory/hosts.yml']
DEFAULT_ROLES_PATH(/root/ansible/ansible.cfg) = ['/root/ansible/roles']
DEFAULT_STRATEGY(/root/ansible/ansible.cfg) = free
HOST_KEY_CHECKING(/root/ansible/ansible.cfg) = False
OS / ENVIRONMENT
rocky linux 9
STEPS TO REPRODUCE
- Have a nfs share mounted to the remote system
- try to set default permissions for the folder (its not working for group and niether user.
- name: Sets default ACL for joe on /etc/foo.d/
ansible.posix.acl:
path: /opt/paperlessngx/
entity: 101000
etype: group
permissions: rwx
state: present
default: yes
recursive: true
use_nfsv4_acls: true
EXPECTED RESULTS
that the setfacl command will get used and default permissions will get configured for the share
ACTUAL RESULTS
i believe setfacl have to be used or when this is still the check part of the module and the -d is propably wrong?
-vvvv results:
TASK [Sets default ACL for joe on /etc/foo.d/] *********************************************************************************************************************************************************************************************
task path: /root/ansible/playbooks/nextcloud_paperless/paperlessngx.yml:317
fatal: [nextcloud]: FAILED! => {
"changed": false,
"cmd": "/bin/nfs4_getfacl -d --omit-header /opt/paperlessngx/",
"invocation": {
"module_args": {
"default": true,
"entity": "101000",
"entry": null,
"etype": "group",
"follow": true,
"path": "/opt/paperlessngx/",
"permissions": "rwx",
"recalculate_mask": "default",
"recursive": true,
"state": "present",
"use_nfsv4_acls": true
}
},
"msg": "/bin/nfs4_getfacl: invalid option -- 'd'\nUsage: nfs4_getfacl [OPTIONS] file ...\n .. where OPTIONS is any (or none) of:\n -H, --more-help\t display ACL format information\n -h, --help\t\t display this help text\n -R,
--recursive\t recurse into subdirectories\n -c, --omit-header\t Do not display the comment header (Do not print filename)\n --dacl display the NFSv4.1 dacl\n --sacl display the NFSv4.1 sacl",
"rc": 1,
"stderr": "/bin/nfs4_getfacl: invalid option -- 'd'\nUsage: nfs4_getfacl [OPTIONS] file ...\n .. where OPTIONS is any (or none) of:\n -H, --more-help\t display ACL format information\n -h, --help\t\t display this help text\n -
R, --recursive\t recurse into subdirectories\n -c, --omit-header\t Do not display the comment header (Do not print filename)\n --dacl display the NFSv4.1 dacl\n --sacl display the NFSv4.1 sacl\n",
"stderr_lines": [
"/bin/nfs4_getfacl: invalid option -- 'd'",
"Usage: nfs4_getfacl [OPTIONS] file ...",
" .. where OPTIONS is any (or none) of:",
" -H, --more-help\t display ACL format information",
" -h, --help\t\t display this help text",
" -R, --recursive\t recurse into subdirectories",
" -c, --omit-header\t Do not display the comment header (Do not print filename)",
" --dacl display the NFSv4.1 dacl",
" --sacl display the NFSv4.1 sacl"
],
"stdout": "",
"stdout_lines": []
}
Metadata
Metadata
Assignees
Labels
No labels