setacl.1 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

setacl(1) setacl(1)

NAME

setacl - modify access control lists (ACLs) for ﬁles (JFS File Systems only)

SYNOPSIS

setacl [-n] -s acl_entries ﬁle...

setacl [-n] -m|-d

acl_entries [-m|-d acl_entries ]... ﬁle...

setacl [-n] -f acl_ﬁle ﬁle...

DESCRIPTION

For each ﬁle speciﬁed,

setacl will either replace its entire ACL, including the default ACL on a direc-

tory, or it will add, modify, or delete one or more ACL entries, including default entries on directories.

The

-s option will set the ACL to the entries speciﬁed on the command line. The

-f option will set the

ACL to the entries contained within the ﬁle acl_ﬁle . The

-d option will delete one or more speciﬁed

entries from the ﬁle’s ACL. The

-m option will add or modify one or more speciﬁed ACL entries.

One of the options

-s, -m,

-d,or-f must be speciﬁed. If -s or -f are speciﬁed, other options are

invalid. The

-m and -d options may be combined, and multiple

-m and -d options may be speciﬁed.

For the

-m and -s options, acl_entries are one or more comma separated ACL entries selected from the

following list. For the

-f option, acl_ﬁle must contain ACL entries, one to a line, selected from the same

list. Default entries may only be speciﬁed for directories.

Bold face’ indicates that characters must

be typed as speciﬁed, brackets denote optional characters, and italicized characters are to be speciﬁed by

the user. Choices, of which exactly one must be selected, are separated by vertical bars.

u[ser]::operm |perm

u[ser]:uid :operm|perm

g[roup]::operm |perm

g[roup]:gid :operm|perm

c[lass]:operm |perm

o[ther]:operm |perm

d[efault]:u[ser]::operm |perm

d[efault]:u[ser]:uid:operm|perm

d[efault]:g[roup]::operm |perm

d[efault]:g[roup]:gid:operm |perm

d[efault]:c[lass]::operm |perm

d[efault]:o[ther]::operm |perm

For the

-d option, acl_entries are one or more comma separated ACL entries without permissions,

selected from the following list. Note that the entries for ﬁle owner, owning group, and others may not be

deleted.

u[ser]:uid

g[roup]:gid

d[efault]:u[ser]:

d[efault]:u[ser]:uid

d[efault]:g[roup]:

d[efault]:g[roup]:gid

d[efault]:c[lass]:

d[efault]:o[ther]:

In the above lists, the user speciﬁes the following:

perm is a permissions string composed of the characters

r (read), w (write), and x (execute), each of

which may appear at most one time, in any order. The character - may be speciﬁed as a place-

holder.

operm is the octal representation of the above permissions, with 7 representing all permissions, or

rwx,

and 0 representing no permissions, or ---.

uid is a login name or user ID.

gid is a group name or group ID.

The options have the following meanings:

-n Normally, setacl recalculates the group class entry so as to ensure that permissions granted in

the additional ACL entries will actually be granted, and the value speciﬁed in the class entry

is ignored. If the -n option is speciﬁed, the recalculation is not performed, and the value

HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1

Summary of content (4 pages)

PAGE 1
setacl(1) setacl(1) NAME setacl - modify access control lists (ACLs) for files (JFS File Systems only) SYNOPSIS setacl [-n] -s acl_entries file... setacl [-n] -m|-d acl_entries [-m|-d acl_entries ]... setacl [-n] -f acl_file file... file... DESCRIPTION For each file specified, setacl will either replace its entire ACL, including the default ACL on a directory, or it will add, modify, or delete one or more ACL entries, including default entries on directories.
PAGE 2
setacl(1) setacl(1) specified in the class entry is used. -s Set a file’s ACL. All old ACL entries are removed, and replaced with the newly specified ACL. There must be exactly one user entry specified for the owner of the file, exactly one group entry specified for the owning group of the file, and exactly one other entry specified. If the -n option is not specified there must also be exactly one class entry specified.
PAGE 3
setacl(1) setacl(1) EXAMPLES To add one ACL entry to file filea, giving user archer read permission only, type: setacl -m user:archer:r-- filea If an entry for user archer already exists, this command will set the permissions in that entry to r--.
PAGE 4
(Notes) A (Notes) sA 4 Hewlett-Packard Company −1− HP-UX 11i Version 3: September 2010