ACL file example

code
body common control
{
      bundlesequence => { "acls" };
}

bundle agent acls
{
  files:
      "/media/flash/acl/test_dir"

      depth_search => include_base,
      acl => template;
}

body acl template
{
      acl_method => "overwrite";
      acl_type => "posix";
      acl_directory_inherit => "parent";
      aces => { "user:*:r(wwx),-r:allow", "group:*:+rw:allow", "mask:x:allow", "all:r"};
}

body acl win
{
      acl_method => "overwrite";
      acl_type => "ntfs";
      acl_directory_inherit => "nochange";
      aces => { "user:Administrator:rw", "group:Bad:rwx(Dpo):deny" };
}

body depth_search include_base
{
      include_basedir => "true";
}

ACL generic example

code
body common control
{
      bundlesequence => { "acls" };
}

bundle agent acls
{
  files:
      "/media/flash/acl/test_dir"

      depth_search => include_base,
      acl => test;
}

body acl test
{
      acl_type => "generic";
      aces => {"user:bob:rwx", "group:staff:rx", "all:r"};
}

body depth_search include_base
{
      include_basedir => "true";
}

ACL secret example

code
body common control
{
      bundlesequence => { "acls" };
}

bundle agent acls
{
  files:
    windows::
      "c:\Secret"
      acl => win,
      depth_search => include_base,
      comment => "Secure the secret directory from unauthorized access";
}

body acl win
{
      acl_method => "overwrite";
      aces => { "user:Administrator:rwx" };
}

body depth_search include_base
{
      include_basedir => "true";
}