add publisher_acl to salt master config

salt/files/master.d/f_defaults.conf

 # This setting should be treated with care since it opens up execution
 # capabilities to non root users. By default this capability is completely
 # disabled.
-{% if 'client_acl' in cfg_master -%}
+{% if 'publisher_acl' in cfg_master -%}
+{%- do default_keys.append('publisher_acl') %}
+publisher_acl:
+{%- for name, user in cfg_master['publisher_acl']|dictsort %}
+  {{ name}}:
+{%- for command in user %}
+    - {% raw %}'{% endraw %}{{ command }}{% raw %}'{% endraw %}
+{%- endfor -%}
+{%- endfor -%}
+{% elif 'publisher_acl' in cfg_salt -%}
+publisher_acl:
+{%- for name, user in cfg_salt['publisher_acl']|dictsort %}
+  {{ name }}:
+{%- for command in user %}
+    - {% raw %}'{% endraw %}{{ command }}{% raw %}'{% endraw %}
+{%- endfor -%}
+{%- endfor -%}
+{% elif 'client_acl' in cfg_master -%}
 {%- do default_keys.append('client_acl') %}
 client_acl:
 {%- for name, user in cfg_master['client_acl']|dictsort %}
 {%- endfor -%}
 {%- endfor -%}
 {% else -%}
-#client_acl:
+#publisher_acl:
 #  larry:
 #    - test.ping
 #    - network.*
 # This example would blacklist all non sudo users, including root from
 # running any commands. It would also blacklist any use of the "cmd"
 # module. This is completely disabled by default.
-{% if 'client_acl_blacklist' in cfg_master %}
+{% if 'publisher_acl_blacklist' in cfg_master %}
+{%- do default_keys.append('publisher_acl_blacklist') %}
+publisher_acl_blacklist:
+  users:
+  {% for user in cfg_master['publisher_acl_blacklist'].get('users', []) %}
+    - {{ user }}
+  {% endfor %}
+  modules:
+  {% for mod in cfg_master['publisher_acl_blacklist'].get('modules', []) %}
+    - {{ mod }}
+  {% endfor %}
+{% elif 'publisher_acl_blacklist' in cfg_salt  %}
+publisher_acl_blacklist:
+  users:
+  {% for user in cfg_salt['publisher_acl_blacklist'].get('users', []) %}
+    - {{ user }}
+  {% endfor %}
+  modules:
+  {% for mod in cfg_salt['publisher_acl_blacklist'].get('modules', []) %}
+    - {{ mod }}
+  {% endfor %}
+{% elif 'client_acl_blacklist' in cfg_master %}
 {%- do default_keys.append('client_acl_blacklist') %}
 client_acl_blacklist:
   users: