REVOKE(2) BSD System Calls Manual REVOKE(2)
revoke -- revoke file access
revoke(const char *path);
The revoke function invalidates all current open file descriptors in the
system for the file named by path. Subsequent operations on any such
descriptors fail, with the exceptions that a read() from a character
device file which has been revoked returns a count of zero (end of file),
and a close() call will succeed. If the file is a special file for a
device which is open, the device close function is called as if all open
references to the file had been closed.
Access to a file may be revoked only by its owner or the superuser. The
revoke function is normally used to prepare a terminal device for a new
login session, preventing any access by a previous user of the terminal.
Upon successful completion, the value 0 is returned; otherwise the
value -1 is returned and the global variable errno is set to indicate the
Access to the named file is revoked unless one of the following:
[ENOTDIR] A component of the path prefix is not a directory.
[ENAMETOOLONG] A component of a pathname exceeded NAME_MAX charac-
ters, or an entire pathname (including the terminating
NUL) exceeded PATH_MAX bytes.
[ENOENT] The named file or a component of the path name does
[EACCES] Search permission is denied for a component of the
[ELOOP] Too many symbolic links were encountered in translat-
ing the pathname.
[EFAULT] path points outside the process's allocated address
[EPERM] The caller is neither the owner of the file nor the
The revoke function was introduced in 4.3BSD-Reno.
BSD January 19, 2015 BSD