Fix wrong recurse behavior on for linux_acl.present state

2025-04-17 10:10:20 +00:00 · 2018-09-06 11:17:45 +01:00 · 2018-09-06 11:17:45 +01:00 · dc6d1d7d6b
commit dc6d1d7d6b
parent f73f2e5bb6
1 changed files with 14 additions and 3 deletions
--- a/salt/states/linux_acl.py
+++ b/salt/states/linux_acl.py
@ -66,7 +66,7 @@ def present(name, acl_type, acl_name='', perms='', recurse=False):
        ret['result'] = False
        return ret

-    __current_perms = __salt__['acl.getfacl'](name)
+    __current_perms = __salt__['acl.getfacl'](name, recursive=recurse)

    if acl_type.startswith(('d:', 'default:')):
        _acl_type = ':'.join(acl_type.split(':')[1:])
@ -97,7 +97,18 @@ def present(name, acl_type, acl_name='', perms='', recurse=False):
            user = None

        if user:
-            if user[_search_name]['octal'] == sum([_octal.get(i, i) for i in perms]):
+            octal_sum = sum([_octal.get(i, i) for i in perms])
+            need_refresh = False
+            for path in __current_perms:
+                acl_found = False
+                for user_acl in __current_perms[path].get(_acl_type, []):
+                    if _search_name in user_acl and user_acl[_search_name]['octal'] == octal_sum:
+                        acl_found = True
+                        break
+                if not acl_found:
+                    need_refresh = True
+                    break
+            if not need_refresh:
                ret['comment'] = 'Permissions are in the desired state'
            else:
                changes = {'new': {'acl_name': acl_name,
@ -169,7 +180,7 @@ def absent(name, acl_type, acl_name='', perms='', recurse=False):
        ret['result'] = False
        return ret

-    __current_perms = __salt__['acl.getfacl'](name)
+    __current_perms = __salt__['acl.getfacl'](name, recursive=rescurse)

    if acl_type.startswith(('d:', 'default:')):
        _acl_type = ':'.join(acl_type.split(':')[1:])