acl(2) acl(2)
NAME
acl() - set a file’s Access Control List (ACL) information (JFS File Systems only)
SYNOPSIS
#include <sys/types.h>
#include <aclv.h>
int acl(char *pathp, int cmd, int nentries, struct acl *aclbufp);
DESCRIPTION
The acl() system call is used to manipulate ACLs on JFS file system objects.
pathp points to a path name naming a file.
nentries specifies how many ACL entries are pointed to by aclbufp.
aclbufp is a pointer to the first element of an array of struct acl. This type is defined in <sys/acl.h> as follows:
    struct acl {
        int     a_type;   /* entry type */
        uid_t   a_id;     /* user or group ID */
        ushort  a_perm;   /* entry permissions */
    };
The values for a_type are:
    USER_OBJ        Permissions for the owner of the object.
    USER            Permissions for additional users.
    GROUP_OBJ       Permissions for members of the owning group of the object.
    GROUP           Permissions for members of additional groups.
    CLASS_OBJ       Maximum permissions granted to the file group class.
    OTHER_OBJ       Permissions for other users.
    DEF_USER_OBJ    Default permissions for the object owner.
    DEF_USER        Default permissions for additional users.
    DEF_GROUP_OBJ   Default permissions for members of the owning group of the object.
    DEF_GROUP       Default permissions for members of additional groups.
    DEF_CLASS_OBJ   Default maximum permissions granted to the file group class.
    DEF_OTHER_OBJ   Default permissions for other users.
cmd The following values for cmd are available:
    ACL_SET   nentries ACL entries, specified in buffer aclbufp, are stored in the file's ACL. Any existing ACL on the file is replaced by the new ACL. All directories in the path name must be searchable.
    ACL_GET   Buffer aclbufp is filled with the file's ACL entries. Discretionary read access to the file is not required, but all directories in the path name must be searchable.
    ACL_CNT   The number of entries in the file's ACL is returned. Discretionary read access to the file is not required, but all directories in the path name must be searchable.
For command ACL_SET, the acl() call will succeed if and only if all of the following are true:
    There is exactly one entry each of type USER_OBJ, GROUP_OBJ, CLASS_OBJ, and OTHER_OBJ.
    If pathp points to a directory, there is at most one entry each of type DEF_USER_OBJ, DEF_GROUP_OBJ, DEF_CLASS_OBJ, and DEF_OTHER_OBJ.
    Entries of type USER, GROUP, DEF_USER, or DEF_GROUP do not contain duplicate entries. A duplicate entry is one of the same type containing the same numeric ID.
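The three ACL_SET conditions listed so far can be checked in user space before the call is made, which lets a tool report which rule an ACL buffer breaks instead of only seeing acl() fail. The following is an added example, not code from this manual page: the helper name acl_precheck, its return codes and the numeric type codes are assumptions made for illustration, and struct acl is redeclared locally so the code builds off HP-UX.

```c
#include <stdio.h>
#include <sys/types.h>

/* Assumption: placeholder type codes and a local copy of struct acl so this
 * builds anywhere; on HP-UX take both from the system header instead. */
enum { USER_OBJ = 1, USER, GROUP_OBJ, GROUP, CLASS_OBJ, OTHER_OBJ,
       DEF_USER_OBJ, DEF_USER, DEF_GROUP_OBJ, DEF_GROUP,
       DEF_CLASS_OBJ, DEF_OTHER_OBJ, ACL_NTYPES };
struct acl { int a_type; uid_t a_id; unsigned short a_perm; };

/* Hypothetical helper. Returns 0 when the entries meet the three ACL_SET
 * conditions above, else: -1 unknown type (this example's own check),
 * -2 required entry missing or repeated, -3 repeated default base entry
 * on a directory, -4 duplicate named entry (same type, same numeric ID). */
int acl_precheck(const struct acl *e, int n, int is_dir)
{
    static const int required[4] = { USER_OBJ, GROUP_OBJ, CLASS_OBJ, OTHER_OBJ };
    static const int defaults[4] = { DEF_USER_OBJ, DEF_GROUP_OBJ,
                                     DEF_CLASS_OBJ, DEF_OTHER_OBJ };
    int count[ACL_NTYPES] = {0};

    for (int i = 0; i < n; i++) {
        int t = e[i].a_type;
        if (t < USER_OBJ || t >= ACL_NTYPES)
            return -1;
        count[t]++;
        if (t == USER || t == GROUP || t == DEF_USER || t == DEF_GROUP)
            for (int j = 0; j < i; j++)
                if (e[j].a_type == t && e[j].a_id == e[i].a_id)
                    return -4;
    }
    for (int k = 0; k < 4; k++)
        if (count[required[k]] != 1)
            return -2;
    for (int k = 0; is_dir && k < 4; k++)
        if (count[defaults[k]] > 1)
            return -3;
    return 0;
}

int main(void)
{
    /* Constructed sample: uid 1001 appears twice as a USER entry. */
    struct acl a[] = { {USER_OBJ, 0, 6}, {USER, 1001, 4}, {USER, 1001, 6},
                       {GROUP_OBJ, 0, 4}, {CLASS_OBJ, 0, 6}, {OTHER_OBJ, 0, 0} };
    printf("precheck: %d\n", acl_precheck(a, 6, 0));
    return 0;
}
```

Because ACL_SET replaces any existing ACL on the file, running such a check first avoids submitting a buffer that silently omits one of the four required base entries.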
HP-UX 11i Version 3: September 2010, Hewlett-Packard Company