HP-UX Reference (11i v1 05/09) - 1 User Commands A-M (vol 1)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

351

352

353

354

355

356

357

358

359

360

getaccess(1) getaccess(1)

NAME

getaccess - list access rights to ﬁle(s)

SYNOPSIS

getaccess [-u user ][-g user ] group [, group ]... ] [

-n] ﬁle ...

getaccess -r [-n] ﬁle ...

DESCRIPTION

getaccess lists for the speciﬁed ﬁles the effective access rights of the caller (that is, for their effective

user ID, effective group ID, and supplementary groups list). By default, the command prints a symbolic

representation of the user’s access rights to the named ﬁle:

r or - for read/no read, w

or - for write/no

write, and

x or - for execute/no execute (for directories, search/no search), followed by the ﬁle name.

Options

getaccess recognizes the following options and command-line arguments:

-u user List access for the given user instead of the caller. A user can be a known user name,

a valid

ID number, or @, representing the ﬁle’s owner ID. If information about more

than one ﬁle is requested, the value of @ can differ for each.

This option sets the user

ID only. The access check is made with the caller’s effective

group ID and supplementary group

IDs unless -g is also speciﬁed.

-g group [, group ]... ]

List access for the given group(s) instead of the caller’s effective group

ID and supple-

mentary groups list. A group can be a known group name, a valid

ID number, or @,

representing the ﬁle’s group

ID. If information about more than one ﬁle is requested,

the value of @ can differ for each.

-r List access using the caller’s real user ID,

group ID, and supplementary groups list,

instead of effective

ID values.

-n List access rights numerically (octal digits 0..7 instead of rwx) for each ﬁle requested.

The bit values R_OK, W_OK, and X_OK are deﬁned in the ﬁle <

unistd.h>.

Checking access using access control lists is described in acl(5) and aclv(5).

In addition, the write bit is cleared for ﬁles on read-only ﬁle systems or shared-text programs being exe-

cuted. The execute bit is not turned off for shared-text programs open for writing because it is not possible

to ascertain whether a ﬁle open for writing is a shared-text program.

Processes with appropriate privileges have read and write access to all ﬁles. However, write access is

denied for ﬁles on read-only ﬁle systems or shared-text programs being executed. Execute access is allowed

if and only if the ﬁle is not a regular ﬁle or the execute bit is set in any of the ﬁle’s

ACL entries.

To use

getaccess successfully, the caller must have search access in every directory component of the

path name of the ﬁle. getaccess veriﬁes search access ﬁrst by using the caller’s effective

IDs, regard-

less of the user and group

IDs speciﬁed. This is distinct from the case in which the caller can search the

path but the user for whom access is being checked does not have access to the ﬁle.

Note: a ﬁle name argument of - has no special meaning (such as standard input) to getaccess.

EXTERNAL INFLUENCES

Environment Variables

LANG determines the language in which messages are displayed.

If LANG is not speciﬁed or is set to the empty string, a default of "C" (see lang(5)) is used instead of LANG.

If any internationalization variable contains an invalid setting, getaccess behaves as if all internation-

alization variables are set to "C". See environ(5).

RETURN VALUE

getaccess returns one of the following values:

0 Successful completion.

1 getaccess was invoked incorrectly or encountered an unknown user or group name. An

appropriate message is printed to standard error.

Section 1−−334 Hewlett-Packard Company − 1 − HP-UX 11i Version 1: September 2005