filesystem.getacl¶
Return ACL of a given path. This may return a POSIX1e ACL or a NFSv4 ACL. The ACL type is indicated by the acltype key.
No Additional Items
Tuple Validation
Parameter 1: path
path
Type: stringAbsolute filesystem path to get ACL information for.
Must be at least 1 characters long
Parameter 2: simplified
simplified
Type: boolean Default: trueWhether to return simplified/basic permission sets instead of advanced permissions.
Parameter 3: resolve_ids
resolve_ids
Type: boolean Default: falseWhether to resolve numeric user/group IDs to names in the response.
Result
ACL information for the requested filesystem path.
NFS4ACLResult
Type: objectNo Additional Properties
Path
Type: stringAbsolute filesystem path this ACL information applies to.
Must be at least 1 characters long
User
Username of the file/directory owner or null if unresolved.
Must be at least 1 characters long
Group
Group name of the file/directory group or null if unresolved.
Must be at least 1 characters long
Uid
Numeric user ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Gid
Numeric group ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Acltype
Type: constACL type identifier for NFS4 access control lists.
Specific value:"NFS4"
Acl
Type: array of objectArray of NFS4 Access Control Entries defining permissions.
No Additional ItemsEach item of this array must be:
NFS4ACE
Type: objectNo Additional Properties
Tag
Type: enum (of string)Subject type for this ACE.
owner@: File/directory ownergroup@: File/directory primary groupeveryone@: All usersUSER: Specific user accountGROUP: Specific group
Must be one of:
- "owner@"
- "group@"
- "everyone@"
- "USER"
- "GROUP"
Type
Type: enum (of string)Access control type.
ALLOW: Grant the specified permissionsDENY: Explicitly deny the specified permissions
Must be one of:
- "ALLOW"
- "DENY"
Perms
Permissions granted or denied by this ACE.
NFS4ACE_AdvancedPerms
Type: objectNo Additional Properties
Read Data
Type: boolean Default: falsePermission to read file data or list directory contents.
Write Data
Type: boolean Default: falsePermission to write file data or create files in directory.
Append Data
Type: boolean Default: falsePermission to append data to files or create subdirectories.
Read Named Attrs
Type: boolean Default: falsePermission to read named attributes (extended attributes).
Write Named Attrs
Type: boolean Default: falsePermission to write named attributes (extended attributes).
Execute
Type: boolean Default: falsePermission to execute files or traverse directories.
Delete
Type: boolean Default: falsePermission to delete the file or directory.
Delete Child
Type: boolean Default: falsePermission to delete child files within a directory.
Read Attributes
Type: boolean Default: falsePermission to read basic file attributes (size, timestamps, etc.).
Write Attributes
Type: boolean Default: falsePermission to write basic file attributes.
Read Acl
Type: boolean Default: falsePermission to read the Access Control List.
Write Acl
Type: boolean Default: falsePermission to modify the Access Control List.
Write Owner
Type: boolean Default: falsePermission to change the file owner.
Synchronize
Type: boolean Default: falsePermission to use the file/directory as a synchronization primitive.
NFS4ACE_BasicPerms
Type: objectNo Additional Properties
Basic
Type: enum (of string)Basic permission level for NFS4 ACE.
FULL_CONTROL: Full read, write, execute, and administrative permissionsMODIFY: Read, write, and execute permissionsREAD: Read-only permissionsTRAVERSE: Execute/traverse permissions only
Must be one of:
- "FULL_CONTROL"
- "MODIFY"
- "READ"
- "TRAVERSE"
Flags
Inheritance and other behavioral flags for this ACE.
NFS4ACE_AdvancedFlags
Type: objectNo Additional Properties
File Inherit
Type: boolean Default: falseApply this ACE to files within directories.
Directory Inherit
Type: boolean Default: falseApply this ACE to subdirectories within directories.
No Propagate Inherit
Type: boolean Default: falseDo not propagate inheritance beyond immediate children.
Inherit Only
Type: boolean Default: falseThis ACE only affects inheritance, not the object itself.
Inherited
Type: boolean Default: falseThis ACE was inherited from a parent directory.
NFS4ACE_BasicFlags
Type: objectNo Additional Properties
Basic
Type: enum (of string)Basic inheritance behavior for NFS4 ACE.
INHERIT: Apply to child files and directoriesNOINHERIT: Do not apply to child objects
Must be one of:
- "INHERIT"
- "NOINHERIT"
Id
Default: nullUID or GID when tag is "USER" or "GROUP". null for special entries.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Who
Default: nullUsername or group name when tag is "USER" or "GROUP". null for special entries.
Must be at least 1 characters long
NFS4ACL_Flags
Type: objectNFS4 ACL behavioral flags for inheritance and protection.
No Additional PropertiesAutoinherit
Type: boolean Default: falseWhether inheritance is automatically applied from parent directories.
Protected
Type: boolean Default: falseWhether the ACL is protected from inheritance modifications.
Defaulted
Type: boolean Default: falseWhether this ACL was created by default rules rather than explicit configuration.
Trivial
Type: booleanWhether this ACL is a simple/trivial ACL equivalent to POSIX permissions.
POSIXACLResult
Type: objectNo Additional Properties
Path
Type: stringAbsolute filesystem path this ACL information applies to.
Must be at least 1 characters long
User
Username of the file/directory owner or null if unresolved.
Must be at least 1 characters long
Group
Group name of the file/directory group or null if unresolved.
Must be at least 1 characters long
Uid
Numeric user ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Gid
Numeric group ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Acltype
Type: constACL type identifier for POSIX.1e access control lists.
Specific value:"POSIX1E"
Acl
Type: array of objectArray of POSIX Access Control Entries defining permissions.
No Additional ItemsEach item of this array must be:
POSIXACE
Type: objectNo Additional Properties
Tag
Type: enum (of string)Subject type for this POSIX ACE.
USER_OBJ: File/directory ownerGROUP_OBJ: File/directory primary groupOTHER: All other usersMASK: Maximum permissions for named users and groupsUSER: Specific user accountGROUP: Specific group
Must be one of:
- "USER_OBJ"
- "GROUP_OBJ"
- "OTHER"
- "MASK"
- "USER"
- "GROUP"
POSIXACE_Perms
Type: objectRead, write, and execute permissions for this ACE.
No Additional PropertiesRead
Type: booleanPermission to read file contents or list directory contents.
Write
Type: booleanPermission to write file contents or create/delete files in directory.
Execute
Type: booleanPermission to execute files or traverse directories.
Default
Type: booleanWhether this is a default ACE that applies to newly created child objects.
Id
Default: nullNumeric user or group ID when tag is USER or GROUP. null for object entries.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Who
Default: nullUsername or group name when tag is USER or GROUP. null for object entries.
Must be at least 1 characters long
Trivial
Type: booleanWhether this ACL is a simple/trivial ACL equivalent to standard POSIX permissions.
DISABLED_ACLResult
Type: objectNo Additional Properties
Path
Type: stringAbsolute filesystem path this ACL information applies to.
Must be at least 1 characters long
User
Username of the file/directory owner or null if unresolved.
Must be at least 1 characters long
Group
Group name of the file/directory group or null if unresolved.
Must be at least 1 characters long
Uid
Numeric user ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Gid
Numeric group ID for file/directory ownership or null to preserve existing.
Value must be greater or equal to -1 and lesser or equal to 2147483647
Acltype
Type: constACL type identifier indicating access control lists are disabled.
Specific value:"DISABLED"
Acl
Type: nullAlways null when ACLs are disabled on the filesystem.
Trivial
Type: constAlways true when ACLs are disabled - only basic POSIX permissions apply.
true
Required roles: FILESYSTEM_ATTRS_READ