This was done for dav_ufs (an Apache mod_dav module used to publish files not normally available to apache).
aclfsd accepts the --config command line option, allowing one to use a different configuration file. If this option starts with the | character (pipe), aclfsd assumes it is a command and will execute it whenever a new user connects. Further, the command is parsed for special tokens. They are replaced like this:
The command should produce mappings more appropriate, making life easier for the user (and somewhat enhance the security).
For example, a normal aclfsd file would look like
A user using the home volume would see all homes and would have to select the proper one. A special script may be written to provide a mapping directly associated with the user. This means that two users accessing the same aclfs volume may end up in two different places without knowing.
This was done for the dav_ufs project (webdav using aclfsd to access files).
The keyword $SELF may be used to reference the original user. The following example creates files own by group ftp, but preserves the user.