Merge pull request #638 from Silejonu/main (#738)

acl: correctly assert needed changes when recursive is true

SUMMARY
Right now, when setting recursive ACLs on a directory, all files in the directory are tested to check if a change is needed. If a single file has expected ACLs already set, then the test returns False and no changes are applied.
Fixes #592
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
acl
ADDITIONAL INFORMATION
I'm very much a beginner in Python, so any criticism is welcome.

Reviewed-by: Hideki Saito <saito@fgrep.org>
(cherry picked from commit c4b1c2b0fb)

Co-authored-by: centosinfra-prod-github-app[bot] <161850885+centosinfra-prod-github-app[bot]@users.noreply.github.com>
Hideki Saito
2026-05-18 15:02:06 +09:00
committed by GitHub
parent 1009d5cb28
commit 9cf6a06ca7
4 changed files with 50 additions and 38 deletions

@@ -244,16 +244,16 @@ def acl_changed(module, cmd, entry, use_nfsv4_acls=False):
lines = run_acl(module, cmd)
counter = 0
for line in lines:
if line.endswith('*,*') and not use_nfsv4_acls:
return False
if not use_nfsv4_acls and not line.endswith('*,*'):
return True
# if use_nfsv4_acls and entry is listed
if use_nfsv4_acls and entry == line:
counter += 1
# The current 'nfs4_setfacl --test' lists a new entry,
# which will be added at the top of list, followed by the existing entries.
# So if the entry has already been registered, the entry should be find twice.
if counter == 2:
# which will be added at the top of the list, followed by the existing entries.
# So if the entry has already been registered, the entry should be found twice.
if not use_nfsv4_acls or counter == 2:
return False
return True
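
Review bot: In the closing `if not use_nfsv4_acls or counter == 2:` check, the non-NFSv4 path now returns False whenever the loop ends without an early return, and that includes the case where run_acl() yields no lines at all; the condition it replaces fell through to `return True` in that case. Please confirm that reporting "no change" on empty test output is intended, or handle it explicitly, for example by tracking whether any line was seen before returning False. The `line.endswith('*,*')` test also has no comment, while the NFSv4 branch documents its output format; one line saying what a `*,*` suffix means in the test output would make the inverted check easier to audit. Separately, the NFSv4 branch still depends on `counter == 2` exactly, so it is worth stating in a comment whether that count holds when the test output covers more than one file.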