unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 acl(2)                                                               acl(2)




 NAME
      acl() - set a file's Access Control List (ACL) information (JFS File
      Systems only)

 SYNOPSIS
      #include <&lt&lt&lt;sys/types.h>&gt&gt&gt;
      #include <&lt&lt&lt;aclv.h>&gt&gt&gt;
      int acl(char *pathp, int cmd, int nentries, struct acl *aclbufp);

 DESCRIPTION
      The acl() system call is used to manipulate ACLs on JFS file system
      objects.

      pathp     points to a pathname naming a file.

      nentries  specifies how many ACL entries are pointed to by aclbufp.

      aclbufp   is a pointer to the first element of an array of struct acl.
                This type is defined in <&lt&lt&lt;sys/acl.h>&gt&gt&gt; as follows:

                struct acl {
                        int     a_type;        /* entry type */
                        uid_t   a_id;          /* user or group ID */
                        ushort  a_perm;        /* entry permissions */
                };

                The values for a_type are:

                USER_OBJ      Permissions for the owner of the object.

                USER          Permissions for additional users.

                GROUP_OBJ     Permissions for members of the owning group of
                              the object.

                GROUP         Permissions for members of additional groups.

                CLASS_OBJ     Maximum permissions granted to the file group
                              class.

                OTHER_OBJ     Permissions for other users.

                DEF_USER_OBJ  Default permissions for the object owner.

                DEF_USER      Default permissions for additional users.

                DEF_GROUP_OBJ Default permissions for members of the owning
                              group of the object.

                DEF_GROUP     Default permissions for members of additional
                              groups



 Hewlett-Packard Company            - 1 -   HP-UX Release 11i: November 2000






 acl(2)                                                               acl(2)




                DEF_CLASS_OBJ Default maximum permissions granted to the
                              file group class.

                DEF_OTHER_OBJ Default permissions for other users.

      cmd       The following values for cmd are available:

                ACL_SET   nentries ACL entries, specified in buffer aclbufp,
                          are stored in the file's ACL.  Any existing ACL on
                          the file is replaced by the new ACL.  This value
                          for cmd can only be executed by a process that has
                          an effective user ID equal to the owner of the
                          file, or by the superuser.  All directories in the
                          pathname must be searchable.

                ACL_GET   Buffer aclbufp is filled with the file's ACL
                          entries.  Discretionary read access to the file is
                          not required, but all directories in the pathname
                          must be searchable.

                ACL_CNT   The number of entries in the file's ACL is
                          returned.  Discretionary read access to the file
                          is not required, but all directories in the
                          pathname must be searchable.

      For command ACL_SET, the acl() call will succeed if and only if all of
      the following are true:

           There is exactly one entry each of type USER_OBJ, GROUP_OBJ,
           CLASS_OBJ, and OTHER_OBJ.

           If pathp points to a directory, there is at most one entry each
           of type DEF_USER_OBJ, DEF_GROUP_OBJ, DEF_CLASS_OBJ, and
           DEF_OTHER_OBJ.

           Entries of type USER, GROUP, DEF_USER, or DEF_GROUP do not
           contain duplicate entries.  A duplicate entry is one of the same
           type containing the same numeric ID.

           If the ACL contains no entries of type USER and no entries of
           type GROUP, then the entries of type GROUP_OBJ and CLASS_OBJ have
           the same permissions.

           If the ACL contains no entries of type DEF_USER and no entries of
           type DEF_GROUP, and an entry of type DEF_GROUP_OBJ is specified,
           then an entry of type DEF_CLASS_OBJ is also specified and the two
           entries have the same permissions.

 RETURN VALUE
      On success, acl() returns the number of ACL entries for cmd ACL_CNT
      and ACL_GET, and 0 for cmd ACL_SET.  On failure, acl() returns -1 and



 Hewlett-Packard Company            - 2 -   HP-UX Release 11i: November 2000






 acl(2)                                                               acl(2)




      sets errno to identify the error.

 ERRORS
      If acl() fails, the ACL is unchanged, and errno is set to one of the
      following values:

      EACCES      The caller does not have access to a component of the
                  pathname.

      EINVAL      cmd is not ACL_GET, ACL_SET, or ACL_CNT.

      EINVAL      cmd is ACL_SET and nentries is less than the number of
                  mandatory ACL entries (4).

      EINVAL      cmd is ACL_SET and the ACL specified in aclbufp is not
                  valid [see above dicussion, and aclsort(3C)].

      EIO         A disk I/O error has occurred while storing or retrieving
                  the ACL.

      EPERM       cmd is ACL_SET and the effective user ID of the caller
                  does not match the owner of the file, and the caller is
                  not the superuser.

      ENOENT      A component of the path does not exist.

      ENOSPC      cmd is ACL_GET and nentries is less than the number of
                  entries in the file's ACL.

      ENOSPC      cmd is ACL_SET and there is insufficient space to store
                  the ACL.

      ENOSPC      cmd is ACL_SET and nentries is greater than NACLVENTRIES,
                  which is defined in <&lt&lt&lt;sys/aclv.h>&gt&gt&gt;.

      ENOTDIR     A component of the path specified by pathp is not a
                  directory.

      ENOTDIR     cmd is ACL_SET and an attempt is made to set a default ACL
                  on a file type other than a directory.

      ENOSYS      cmd is ACL_SET, the file specified by pathp resides on a
                  local non-JFS file system, and additional entries were
                  specified in the ACL.

      EOPNOTSUPP  cmd is ACL_SET, the file specified by pathp resides on a
                  non-local file system, and additional entries were
                  specified in the ACL.

      EROFS       cmd is ACL_SET and the file specified by pathp resides on
                  a file system that is mounted read-only.



 Hewlett-Packard Company            - 3 -   HP-UX Release 11i: November 2000






 acl(2)                                                               acl(2)




      EFAULT      aclbufp points to an illegal address.

 SEE ALSO
      aclsort(3), getacl(1), setacl(1).


















































 Hewlett-Packard Company            - 4 -   HP-UX Release 11i: November 2000