unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

acl(2)                           System Calls                           acl(2)



NAME
       acl, facl - get or set a file's Access Control List (ACL)

SYNOPSIS
       #include <sys/acl.h>

       int acl(char *pathp, int cmd, int nentries, void aclbufp);

       int facl(int fildes, int cmd, int nentries, void aclbufp);

DESCRIPTION
       The acl() and facl() functions get or set the  ACL of a file whose name
       is given by pathp or referenced by the open file descriptor fildes. The
       nentries  argument  specifies  how  many  ACL  entries  fit into buffer
       aclbufp. The acl() function is used to manipulate ACL  on  file  system
       objects.

       The following types are supported for aclbufp:

       aclent_t        Used by the UFS file system.



       ace_t           Currently unused.



       The following values for cmd are supported:

       SETACL          nentries  aclent_t  ACL  entries,  specified  in buffer
                       aclbufp, are stored in the file's  ACL. All directories
                       in the path name must be searchable.



       GETACL          Buffer  aclbufp is filled with the file's  aclent_t ACL
                       entries. Read access to the file is not  required,  but
                       all directories in the path name must be searchable.



       GETACLCNT       The  number  of  entries  in the file's aclent_t ACL is
                       returned. Read access to the file is not required,  but
                       all directories in the path name must be searchable.



       ACE_SETACL      nentries   ace_t   ACL  entries,  specified  in  buffer
                       aclbufp, are stored in the file's ACL. All  directories
                       in the path name must be searchable.



       ACE_GETACL      Buffer  aclbufp  is  filled  with  the file's ace_t ACL
                       entries. Read access to the file is not  required,  but
                       all directories in the path name must be searchable.



       ACE_GETACLCNT   The  number  of  entries  in  the  file's  ace_t ACL is
                       returned. Read access to the file is not required,  but
                       all directories in the path name must be searchable.



RETURN VALUES
       Upon  successful  completion,  acl()  and  facl()  return  0  if cmd is
       SETACL. If cmd is  GETACL or  GETACLCNT, the number of  ACL entries  is
       returned.  Otherwise,  -1  is returned and errno is set to indicate the
       error.

ERRORS
       The acl() function will fail if:

       EACCESS         The caller does not have access to a component  of  the
                       pathname.



       EFAULT          The  pathp  or  aclbufp  argument  points to an illegal
                       address.



       EINVAL          The cmd argument is not  GETACL, SETACL, or  GETACLCNT;
                       the  cmd argument is  SETACL and  nentries is less than
                       3; or the cmd argument is  SETACL and the   ACL  speci-
                       fied in  aclbufp is not valid.



       EIO             A  disk   I/O   error  has  occurred  while  storing or
                       retrieving the  ACL.



       ENOENT          A component of the path does not exist.



       ENOSPC          The cmd argument is  GETACL and nentries is  less  than
                       the  number  of  entries in the file's  ACL, or the cmd
                       argument is  SETACL and there is insufficient space  in
                       the file system to store the  ACL.



       ENOSYS          The  cmd  argument is  SETACL and the file specified by
                       pathp resides on a file system that  does  not  support
                       ACLs,  or  the  acl() function is not supported by this
                       implementation.



       ENOTDIR         A component of the path specified by  pathp  is  not  a
                       directory,  or  the  cmd  argument  is   SETACL  and an
                       attempt is made to set a default  ACL on  a  file  type
                       other than a directory.



       ENOTSUP         The  cmd argument is GETACL, but the ACL is composed of
                       ace_t entries, and the ACL cannot  be  translated  into
                       aclent_t form.

                       The  cmd  is  ACE_SETACL, but the underlying filesystem
                       only supports ACLs composed of aclent_t entries and the
                       ACL could not be translated into aclent_t form.



       EPERM           The  effective  user ID does not match the owner of the
                       file and the process does not have  appropriate  privi-
                       lege.



       EROFS           The  cmd  argument is  SETACL and the file specified by
                       pathp resides on a file system that  is  mounted  read-
                       only.



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()     allbox;     cw(2.750000i)|    cw(2.750000i)    lw(2.750000i)|
       lw(2.750000i).  ATTRIBUTE  TYPEATTRIBUTE  VALUE Interface   StabilityE-
       volving


SEE ALSO
       getfacl(1), setfacl(1), aclcheck(3SEC), aclsort(3SEC)




SunOS 5.10                        9 Sep 2004                            acl(2)