This is a Python 3.7+ extension module allows you to manipulate the
POSIX.1e Access Control Lists present in some OS/file-systems
combinations. Note this module provides a Python interface to the
libacl library, and thus it does not have the features of the
setfacl binary.
Downloads: go to https://pylibacl.k1024.org/downloads. Latest version is 0.7.3. The source repository is at https://github.com/iustin/pylibacl.
For any issues, please file bugs at https://github.com/iustin/pylibacl/issues.
See the CONTRIBUTING.md file for details on how to contribute, or
support me on ko-fi.
pylibacl has been written and tested on Linux, kernel v2.4 or newer, with XFS filesystems; ext2/ext3 should also work. Since release 0.4.0, FreeBSD 7 also has quite good support. If any other platform implements the POSIX.1e draft, pylibacl can be used. I heard that Solaris does, but I can't test it.
- Python 3.7 or newer. Python 2.4+ was supported in the 0.5.x branch, Python 3.4+ in the 0.6 branch.
- Operating system:
- Linux, kernel v2.4 or newer, and the libacl library and development packages (all modern distributions should have this, under various names); also the file-systems you use must have ACLs turned on, either as a compile or mount option.
- FreeBSD 7.0 or newer.
- The sphinx python module, for your python version, if building the documentation.
Note that on FreeBSD, ACLs are not enabled by default (at least on UFS
file systems). To enable them, run tunefs -a enabled on the file
system in question (after mounting it read-only). Then install:
pkg install py36-setuptools py36-sphinx
or:
pkg install py37-setuptools
>>> import posix1e
>>>
>>> # On some operating systems,
>>> # you must provide user, group and other permissions first and in that order.
>>> acl = posix1e.ACL(text = 'u::rx,g::r,o:-')
>>> acl.valid()
True
>>> # Adding an extended entry requires calculating the mask, if you don't pass it.
>>> e = acl.append()
>>> e.tag_type = posix1e.ACL_USER
>>> e.qualifier = 0
>>> acl.valid()
False
>>> acl.calc_mask()
>>> acl.valid()
True
>>> # Note that unlike setfacl, there is no "d:u:123:r" option to change default ACLS.
>>> # call 'applyto' with ACL_TYPE_DEFAULT, or delete_default.
>>> # acl.applyto('/foo', posix1e.ACL_TYPE_DEFAULT)
>>> # posix1e.delete_default('/foo')For reporting security vulnerabilities, please see SECURITY.md.
pylibacl is Copyright (C) 2002-2009, 2012, 2014, 2015 Iustin Pop.
pylibacl is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. See the COPYING file for the full license terms.
