Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Managing Access to Files and Directories
Chapter 8756
HFS ACLs and HP-UX Commands and Calls
• The following commands and system calls work with ACLs on HFS
file systems:
❏ chacl: Change HFS ACLs of files. See chacl (1).
❏ getaccess: List user’s access rights to files. See getaccess (1).
❏ lsacl: List HFS ACLs of files. See lsacl (1).
❏ getaccess(): Get a user’s effective access rights to a file. See
getaccess (2).
❏ getacl(), fgetacl(): Get HFS ACL information. See getacl (2)
and fgetacl (2).
❏ setacl(), fsetacl(): Set HFS ACL information. See setacl (2)
and fsetacl (2).
❏ acltostr(): Convert HFS ACL structure to string form. See
acltostr (3C).
❏ chownacl(): Change owner/group represented in an HFS file’s
ACL. See chownacl (3C).
❏ cpacl(), fcpacl(): Copy HFS ACL and mode bits from one file
to another. See cpacl (3C) and fcpacl (3C).
❏ setaclentry(), fsetaclentry(): Add/modify/delete an HFS
file’s ACL entry. See setaclentry (3C) and fsetaclentry (3C).
❏ strtoacl(): Parse and convert HFS ACL structure to string
form. See strtoacl (3C).
❏ strtoaclpatt(): Parse and convert HFS ACL pattern strings to
arrays. See strtoaclpatt (3C).
• ACL entries are affected by numerous HP-UX commands, system
calls, and subroutine libraries — sometimes in unexpected ways.
❏ chmod: Deletes HFS ACLs by default. Use the -A option to retain
HFS ACLs. See chmod (1).
❏ chmod(): Deletes HFS ACL entries. Use getacl() and setacl()
to save and restore the HFS ACL entries. See chmod (2), getacl
(2), and setacl (2).
❏ cpset: Does not set a file’s optional ACL entries. See cpset (1M).