1
The Linux version of setfacl, as opposed to the BSD version has that very handy --test option:
--test
Test mode. Instead of changing the ACLs of any files, the resulting
ACLs are listed.
Although I know setfacl is idempotent, it's very useful to test if setfacl must be run before actually running it (to nicely inform a user in a program, for example).
Is there a known way to do something similar using the BSD version of setfacl?
A way to do so would be to run getfacl and then compare the output with the arguments given to setfacl but it seems pretty tedious/messy as there are a lot of non-exclusive cases: default entries (-d), modify (-m) or remove (-x) entries, entries with capital-x X execute permissions, ... Definitely more hacking around and a more error-prone solution than the simple --test.
I'll have to default to that if nothing else is possible (scripting in Python), but I just wanted to make sure I'm not missing a simpler or already existing solution.
astorije
Posted 2015-08-21T22:20:47.817
Reputation: 111
It would be noise to add it to the question, but the context behind this is to re-add BSD support to the test part of the Ansible's
– astorije – 2015-08-21T22:24:37.287aclmodule that was lost during this change.