HP-UX Reference (11i v1 00/12) - 5 Miscellaneous Topics, 7 Device (Special) Files, 9 General Information, Index (vol 9)
acl(5) acl(5)
id ::= name | number |%|@
op ::= =|+|-
mode ::= 0..7 | [char[char]...]
char ::= r|w|x
Short Form of ACLs (input and output)
(user . group, mode) ...
Short form differs from operator form in several ways:
• Entries are surrounded by parentheses rather than being separated by commas.
• Each entry specifies the mode, including all mode bits. It is not possible to change the mode value
with + and - operators. However, the comma functions like the = operator in operator form.
• For clarity, hyphens represent unset permission bits in the output of the mode field and are allowed in
input. This resembles the mode output style used by ls(1).
Multiple entries are concatenated. For consistency with operator form, a dot (.) is used to separate user
and group IDs.
On output, no whitespace is printed except in names (if any). ID numbers are printed if no matching names are known. Either ID can be printed as % for ‘‘no specific user or group.’’ The mode is represented as <r|-><w|-><x|->, that is, it always has three characters, padded with hyphens for unset mode bits. If the ACL is read from the system, entries are ordered by specificity, then by numeric values of ID parts.
On input, the entire ACL must be a single argument, and thus should be quoted to the shell if it contains whitespace or special characters. Whitespace is ignored except within names. A null ACL is legitimate, and means either ‘‘no access’’ or ‘‘no changes’’, depending on context.
User and group IDs are represented as in operator form.
The mode is represented by an octal value of 0 through 7; or any combination of r, w, x and - (ignored) can be given in any order (see EXAMPLES below). A null mode denies access.
Redundancy does not result in error; the last entry for any user-ID/group-ID combination takes effect.
Entries need not appear in any particular order.
The exact syntax is:
acl ::= [entry[entry]...]
entry ::= (id.id,mode)
id ::= name | number |%|@
mode ::= 0..7 | [char[char]...]
char ::= r|w|x|-
Long Form of ACLs (output only)
mode user . group
Each entry occupies a single line of output. The mode appears first in a fixed-width field, using hyphens (for unset mode bits) for easy vertical scanning. Each user and group ID is shown as a name if known, a number if unknown, or % for ‘‘no specific user or group.’’ Entries are ordered from most to least specific, then by numeric values of ID parts.
Note that every ACL printed has at least three entries, the base ACL entries (that is, uid.%, %.gid, and
%.%).
The exact syntax is:
acl ::= entry[<newline>entry]...
entry ::= mode<space>id.id
mode ::= <r|-><w|-><x|->
id ::= name | number |%
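The short-form input rules and the two output layouts above, as an added Python example that is not part of the HP-UX manual or its libraries. The function names and the sample users and groups (ajs, adm) are constructed for illustration, and names are assumed not to contain '.', ',' or parentheses.

```python
import re

# One short-form entry: (id.id,mode). Assumption of this sketch: names do not
# contain '.', ',' or parentheses.
_ENTRY = re.compile(r"\(\s*([^().,]+?)\s*\.\s*([^().,]+?)\s*,\s*([^(),]*?)\s*\)")
_BITS = (("r", 4), ("w", 2), ("x", 1))

def parse_mode(text):
    """Return 0..7 from one octal digit or any mix of r, w, x and '-'."""
    text = "".join(text.split())          # whitespace is ignored outside names
    if re.fullmatch(r"[0-7]", text):
        return int(text)
    if not re.fullmatch(r"[rwx-]*", text):
        raise ValueError(f"bad mode {text!r}")
    # Hyphens are ignored; a null mode gives 0, which denies access.
    return sum(bit for ch, bit in _BITS if ch in text)

def parse_short_acl(acl):
    """Parse short form into {(user, group): mode}; the last duplicate wins."""
    entries, pos, acl = {}, 0, acl.strip()
    while pos < len(acl):
        m = _ENTRY.match(acl, pos)
        if m is None:
            raise ValueError(f"malformed entry at offset {pos}")
        user, group, mode = m.groups()
        entries[(user, group)] = parse_mode(mode)
        pos = m.end()
        while pos < len(acl) and acl[pos].isspace():
            pos += 1
    return entries                         # a null ACL yields {}

def format_mode(mode):
    """Always three characters, hyphens for unset bits."""
    return "".join(ch if mode & bit else "-" for ch, bit in _BITS)

def format_short(entries):
    """Short-form output: no whitespace between or inside entries."""
    return "".join(f"({u}.{g},{format_mode(m)})" for (u, g), m in entries.items())

def format_long(entries):
    """Long-form output, one 'mode user.group' line per entry (input order kept;
    the system additionally sorts entries by specificity)."""
    return "\n".join(f"{format_mode(m)} {u}.{g}" for (u, g), m in entries.items())

# Constructed sample: duplicate ajs.% entry, octal mode, null mode.
SAMPLE = "(ajs.%, rw) (%.adm,5)(ajs.%,x r-) (%.%,)"
if __name__ == "__main__":
    print(format_short(parse_short_acl(SAMPLE)))
    print(format_long(parse_short_acl(SAMPLE)))
```

The second ajs.% entry replaces the first, so a reviewer reading only the start of a long short-form string can misjudge the effective mode; normalizing through a parser like this shows the entry that actually takes effect.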
ACL Patterns
Some library calls and commands recognize and use ACL patterns instead of exact ACLs to allow operations on all entries that match the patterns. ACL syntax is extended in the following ways:
wildcard user and group IDs
A user or group name of * (wildcard) matches the user or group ID in any entry, including % (no specific user or group).
HP-UX Release 11i: December 2000 − 4 − Section 5−−5