ACL file example

body common control
{
  bundlesequence => { "acls" };
}
bundle agent acls
{
  files:
    "/media/flash/acl/test_dir"
      depth_search => include_base,
      acl => template;
}
body acl template
{
  acl_method => "overwrite";
  acl_type => "posix";
  acl_directory_inherit => "parent";
  aces => {
    "user:*:r(wwx),-r:allow", "group:*:+rw:allow", "mask:x:allow", "all:r"
  };
}
body acl win
{
  acl_method => "overwrite";
  acl_type => "ntfs";
  acl_directory_inherit => "nochange";
  aces => { "user:Administrator:rw", "group:Bad:rwx(Dpo):deny" };
}
body depth_search include_base
{
  include_basedir => "true";
}

ACL generic example

body common control
{
  bundlesequence => { "acls" };
}
bundle agent acls
{
  files:
    "/media/flash/acl/test_dir"
      depth_search => include_base,
      acl => test;
}
body acl test
{
  acl_type => "generic";
  aces => { "user:bob:rwx", "group:staff:rx", "all:r" };
}
body depth_search include_base
{
  include_basedir => "true";
}

ACL secret example

body common control
{
  bundlesequence => { "acls" };
}
bundle agent acls
{
  files:
    windows::
      "c:\Secret"
        acl => win,
        depth_search => include_base,
        comment => "Secure the secret directory from unauthorized access";
}
body acl win
{
  acl_method => "overwrite";
  aces => { "user:Administrator:rwx" };
}
body depth_search include_base
{
  include_basedir => "true";
}