filesystem.acltemplate.create

Create a new filesystem ACL template.

Type: object

Type: array
No Additional Items

Tuple Validation

Parameter 1: acltemplate_create

acltemplate_create

Type: object

ACL template configuration data for the new template.

No Additional Properties

Name

Type: string

Human-readable name for the ACL template.

Acltype

Type: enum (of string)

ACL type this template provides.

Must be one of:
  • "NFS4"
  • "POSIX1E"

Acl


Array of Access Control Entries defined by this template.

Type: array of object
No Additional Items
Each item of this array must be:

NFS4ACE

Type: object
No Additional Properties

Tag

Type: enum (of string)

Subject type for this ACE.

  • owner@: File/directory owner
  • group@: File/directory primary group
  • everyone@: All users
  • USER: Specific user account
  • GROUP: Specific group
Must be one of:
  • "owner@"
  • "group@"
  • "everyone@"
  • "USER"
  • "GROUP"

Type

Type: enum (of string)

Access control type.

  • ALLOW: Grant the specified permissions
  • DENY: Explicitly deny the specified permissions
Must be one of:
  • "ALLOW"
  • "DENY"

Perms


Permissions granted or denied by this ACE.

NFS4ACE_AdvancedPerms

Type: object
No Additional Properties

Read Data

Type: boolean Default: false

Permission to read file data or list directory contents.

Write Data

Type: boolean Default: false

Permission to write file data or create files in directory.

Append Data

Type: boolean Default: false

Permission to append data to files or create subdirectories.

Read Named Attrs

Type: boolean Default: false

Permission to read named attributes (extended attributes).

Write Named Attrs

Type: boolean Default: false

Permission to write named attributes (extended attributes).

Execute

Type: boolean Default: false

Permission to execute files or traverse directories.

Delete

Type: boolean Default: false

Permission to delete the file or directory.

Delete Child

Type: boolean Default: false

Permission to delete child files within a directory.

Read Attributes

Type: boolean Default: false

Permission to read basic file attributes (size, timestamps, etc.).

Write Attributes

Type: boolean Default: false

Permission to write basic file attributes.

Read Acl

Type: boolean Default: false

Permission to read the Access Control List.

Write Acl

Type: boolean Default: false

Permission to modify the Access Control List.

Write Owner

Type: boolean Default: false

Permission to change the file owner.

Synchronize

Type: boolean Default: false

Permission to use the file/directory as a synchronization primitive.

NFS4ACE_BasicPerms

Type: object
No Additional Properties

Basic

Type: enum (of string)

Basic permission level for NFS4 ACE.

  • FULL_CONTROL: Full read, write, execute, and administrative permissions
  • MODIFY: Read, write, and execute permissions
  • READ: Read-only permissions
  • TRAVERSE: Execute/traverse permissions only
Must be one of:
  • "FULL_CONTROL"
  • "MODIFY"
  • "READ"
  • "TRAVERSE"

Flags


Inheritance and other behavioral flags for this ACE.

NFS4ACE_AdvancedFlags

Type: object
No Additional Properties

File Inherit

Type: boolean Default: false

Apply this ACE to files within directories.

Directory Inherit

Type: boolean Default: false

Apply this ACE to subdirectories within directories.

No Propagate Inherit

Type: boolean Default: false

Do not propagate inheritance beyond immediate children.

Inherit Only

Type: boolean Default: false

This ACE only affects inheritance, not the object itself.

Inherited

Type: boolean Default: false

This ACE was inherited from a parent directory.

NFS4ACE_BasicFlags

Type: object
No Additional Properties

Basic

Type: enum (of string)

Basic inheritance behavior for NFS4 ACE.

  • INHERIT: Apply to child files and directories
  • NOINHERIT: Do not apply to child objects
Must be one of:
  • "INHERIT"
  • "NOINHERIT"

Id

Default: null

UID or GID when tag is "USER" or "GROUP". null for special entries.

Type: integer

Value must be greater than or equal to -1 and less than or equal to 2147483647

Type: null

Who

Default: null

Username or group name when tag is "USER" or "GROUP". null for special entries.

Type: string

Must be at least 1 character long

Type: null

Type: array of object
No Additional Items
Each item of this array must be:

POSIXACE

Type: object
No Additional Properties

Tag

Type: enum (of string)

Subject type for this POSIX ACE.

  • USER_OBJ: File/directory owner
  • GROUP_OBJ: File/directory primary group
  • OTHER: All other users
  • MASK: Maximum permissions for named users and groups
  • USER: Specific user account
  • GROUP: Specific group
Must be one of:
  • "USER_OBJ"
  • "GROUP_OBJ"
  • "OTHER"
  • "MASK"
  • "USER"
  • "GROUP"

POSIXACE_Perms

Type: object

Read, write, and execute permissions for this ACE.

No Additional Properties

Read

Type: boolean

Permission to read file contents or list directory contents.

Write

Type: boolean

Permission to write file contents or create/delete files in directory.

Execute

Type: boolean

Permission to execute files or traverse directories.

Default

Type: boolean

Whether this is a default ACE that applies to newly created child objects.

Id

Default: null

Numeric user or group ID when tag is USER or GROUP. null for object entries.

Type: integer

Value must be greater than or equal to -1 and less than or equal to 2147483647

Type: null

Who

Default: null

Username or group name when tag is USER or GROUP. null for object entries.

Type: string

Must be at least 1 character long

Type: null

Comment

Type: string Default: ""

Optional descriptive comment about the template's purpose.

AclTemplateEntry

Type: object

The created ACL template configuration.

No Additional Properties

Id

Type: integer

Unique identifier for the ACL template.

Builtin

Type: boolean

Whether this is a built-in system template or user-created.

Name

Type: string

Human-readable name for the ACL template.

Acltype

Type: enum (of string)

ACL type this template provides.

Must be one of:
  • "NFS4"
  • "POSIX1E"

Acl


Array of Access Control Entries defined by this template.

Type: array of object
No Additional Items
Each item of this array must be:

NFS4ACE

Type: object
No Additional Properties

Tag

Type: enum (of string)

Subject type for this ACE.

  • owner@: File/directory owner
  • group@: File/directory primary group
  • everyone@: All users
  • USER: Specific user account
  • GROUP: Specific group
Must be one of:
  • "owner@"
  • "group@"
  • "everyone@"
  • "USER"
  • "GROUP"

Type

Type: enum (of string)

Access control type.

  • ALLOW: Grant the specified permissions
  • DENY: Explicitly deny the specified permissions
Must be one of:
  • "ALLOW"
  • "DENY"

Perms


Permissions granted or denied by this ACE.

NFS4ACE_AdvancedPerms

Type: object
No Additional Properties

Read Data

Type: boolean Default: false

Permission to read file data or list directory contents.

Write Data

Type: boolean Default: false

Permission to write file data or create files in directory.

Append Data

Type: boolean Default: false

Permission to append data to files or create subdirectories.

Read Named Attrs

Type: boolean Default: false

Permission to read named attributes (extended attributes).

Write Named Attrs

Type: boolean Default: false

Permission to write named attributes (extended attributes).

Execute

Type: boolean Default: false

Permission to execute files or traverse directories.

Delete

Type: boolean Default: false

Permission to delete the file or directory.

Delete Child

Type: boolean Default: false

Permission to delete child files within a directory.

Read Attributes

Type: boolean Default: false

Permission to read basic file attributes (size, timestamps, etc.).

Write Attributes

Type: boolean Default: false

Permission to write basic file attributes.

Read Acl

Type: boolean Default: false

Permission to read the Access Control List.

Write Acl

Type: boolean Default: false

Permission to modify the Access Control List.

Write Owner

Type: boolean Default: false

Permission to change the file owner.

Synchronize

Type: boolean Default: false

Permission to use the file/directory as a synchronization primitive.

NFS4ACE_BasicPerms

Type: object
No Additional Properties

Basic

Type: enum (of string)

Basic permission level for NFS4 ACE.

  • FULL_CONTROL: Full read, write, execute, and administrative permissions
  • MODIFY: Read, write, and execute permissions
  • READ: Read-only permissions
  • TRAVERSE: Execute/traverse permissions only
Must be one of:
  • "FULL_CONTROL"
  • "MODIFY"
  • "READ"
  • "TRAVERSE"

Flags


Inheritance and other behavioral flags for this ACE.

NFS4ACE_AdvancedFlags

Type: object
No Additional Properties

File Inherit

Type: boolean Default: false

Apply this ACE to files within directories.

Directory Inherit

Type: boolean Default: false

Apply this ACE to subdirectories within directories.

No Propagate Inherit

Type: boolean Default: false

Do not propagate inheritance beyond immediate children.

Inherit Only

Type: boolean Default: false

This ACE only affects inheritance, not the object itself.

Inherited

Type: boolean Default: false

This ACE was inherited from a parent directory.

NFS4ACE_BasicFlags

Type: object
No Additional Properties

Basic

Type: enum (of string)

Basic inheritance behavior for NFS4 ACE.

  • INHERIT: Apply to child files and directories
  • NOINHERIT: Do not apply to child objects
Must be one of:
  • "INHERIT"
  • "NOINHERIT"

Id

Default: null

UID or GID when tag is "USER" or "GROUP". null for special entries.

Type: integer

Value must be greater than or equal to -1 and less than or equal to 2147483647

Type: null

Who

Default: null

Username or group name when tag is "USER" or "GROUP". null for special entries.

Type: string

Must be at least 1 character long

Type: null

Type: array of object
No Additional Items
Each item of this array must be:

POSIXACE

Type: object
No Additional Properties

Tag

Type: enum (of string)

Subject type for this POSIX ACE.

  • USER_OBJ: File/directory owner
  • GROUP_OBJ: File/directory primary group
  • OTHER: All other users
  • MASK: Maximum permissions for named users and groups
  • USER: Specific user account
  • GROUP: Specific group
Must be one of:
  • "USER_OBJ"
  • "GROUP_OBJ"
  • "OTHER"
  • "MASK"
  • "USER"
  • "GROUP"

POSIXACE_Perms

Type: object

Read, write, and execute permissions for this ACE.

No Additional Properties

Read

Type: boolean

Permission to read file contents or list directory contents.

Write

Type: boolean

Permission to write file contents or create/delete files in directory.

Execute

Type: boolean

Permission to execute files or traverse directories.

Default

Type: boolean

Whether this is a default ACE that applies to newly created child objects.

Id

Default: null

Numeric user or group ID when tag is USER or GROUP. null for object entries.

Type: integer

Value must be greater than or equal to -1 and less than or equal to 2147483647

Type: null

Who

Default: null

Username or group name when tag is USER or GROUP. null for object entries.

Type: string

Must be at least 1 character long

Type: null

Comment

Type: string Default: ""

Optional descriptive comment about the template's purpose.



Required roles: FILESYSTEM_ATTRS_WRITE
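
The following is an added example, not part of this API reference: a pre-submission lint for an `acltemplate_create` payload that checks the schema constraints listed above (tag enums per ACL type, `id` range, `who` length) and flags entries that give `everyone@` or `OTHER` write access, or give a non-owner the ability to change the ACL or owner. The JSON key names (`tag`, `type`, `perms`, `flags`, `default`, `BASIC`, `WRITE_ACL`, and so on) are assumptions derived from the field titles shown on this page, and `lint_template` and `SAMPLE` are hypothetical names.

```python
# Added example; JSON key names are assumed from this page's field titles.
NFS4_TAGS = {"owner@", "group@", "everyone@", "USER", "GROUP"}
POSIX_TAGS = {"USER_OBJ", "GROUP_OBJ", "OTHER", "MASK", "USER", "GROUP"}
WRITE_BITS = {"WRITE_DATA", "APPEND_DATA", "DELETE", "DELETE_CHILD"}
ADMIN_BITS = {"WRITE_ACL", "WRITE_OWNER"}  # holder can re-permission the object
ID_MAX = 2147483647

def _subject(i, ace, out):
    # Rules shared by both ACE kinds: id range, who length, named principal present.
    ident, who = ace.get("id"), ace.get("who")
    if ident is not None and not (type(ident) is int and -1 <= ident <= ID_MAX):
        out.append(f"ace[{i}]: id must be null or an integer in -1..{ID_MAX}")
    if who is not None and not (isinstance(who, str) and who):
        out.append(f"ace[{i}]: who must be null or a non-empty string")
    if ace["tag"] in ("USER", "GROUP") and ident is None and who is None:
        out.append(f"ace[{i}]: {ace['tag']} entry has neither id nor who")

def _nfs4(i, ace, out):
    perms, flags = ace.get("perms", {}), ace.get("flags", {})
    bits = {k for k, v in perms.items() if v is True}
    admin = perms.get("BASIC") == "FULL_CONTROL" or bool(bits & ADMIN_BITS)
    write = admin or perms.get("BASIC") == "MODIFY" or bool(bits & WRITE_BITS)
    inherit = flags.get("BASIC") == "INHERIT" or any(
        flags.get(f) is True for f in ("FILE_INHERIT", "DIRECTORY_INHERIT"))
    scope = " (inherited by children)" if inherit else ""
    if ace.get("type") == "ALLOW" and ace["tag"] == "everyone@" and write:
        out.append(f"ace[{i}]: everyone@ is granted write access{scope}")
    if ace.get("type") == "ALLOW" and ace["tag"] != "owner@" and admin:
        out.append(f"ace[{i}]: {ace['tag']} can change the ACL or owner{scope}")

def _posix(i, ace, out):
    if ace["tag"] == "OTHER" and ace.get("perms", {}).get("WRITE") is True:
        out.append(f"ace[{i}]: OTHER is granted write"
                   + (" by a default ACE" if ace.get("default") else ""))

def lint_template(payload):
    acltype, out = payload.get("acltype"), []
    if acltype not in ("NFS4", "POSIX1E"):
        return [f"acltype {acltype!r} is not NFS4 or POSIX1E"]
    tags, check = (NFS4_TAGS, _nfs4) if acltype == "NFS4" else (POSIX_TAGS, _posix)
    for i, ace in enumerate(payload.get("acl", [])):
        if ace.get("tag") not in tags:
            out.append(f"ace[{i}]: tag {ace.get('tag')!r} is not valid for {acltype}")
            continue
        _subject(i, ace, out)
        check(i, ace, out)
    return out

# Constructed sample: everyone@ receives inheritable FULL_CONTROL.
SAMPLE = {"name": "demo", "acltype": "NFS4", "acl": [{
    "tag": "everyone@", "type": "ALLOW", "perms": {"BASIC": "FULL_CONTROL"},
    "flags": {"BASIC": "INHERIT"}, "id": None, "who": None}]}
```

An empty list from `lint_template` means no schema violation or risky grant was found by these checks; it does not replace the server's own validation.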