acl(2) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

acl(2)

acl(2)                           System Calls                           acl(2)



NAME
       acl, facl - get or set a file's Access Control List (ACL)

SYNOPSIS
       #include <sys/acl.h>

       int acl(char *pathp, int cmd, int nentries, void *aclbufp);


       int facl(int fildes, int cmd, int nentries, void *aclbufp);

DESCRIPTION
       The  acl() and facl() functions get or set the ACL of a file whose name
       is given by pathp or referenced by the open file descriptor fildes. The
       nentries  argument  specifies  how  many  ACL  entries  fit into buffer
       aclbufp. The acl() function is used to manipulate ACL  on  file  system
       objects.


       The following types are supported for aclbufp:

       aclent_t    Used by the UFS and NFS file systems.


       ace_t       Used by the ZFS and NFSv4 file systems.



       The following values for cmd are supported:

       SETACL           nentries   aclent_t   ACL entries, specified in buffer
                        aclbufp, are stored in the file's ACL. All directories
                        in the path name must be searchable.


       GETACL           Buffer aclbufp is filled with the file's aclent_t  ACL
                        entries. Read access to the file is not required,  but
                        all directories in the path name must be searchable.


       GETACLCNT        The  number  of entries in the file's aclent_t  ACL is
                        returned. Read access to the file is not required, but
                        all directories in the path name must be searchable.


       ACE_SETACL       nentries   ace_t  ACL  entries,  specified  in  buffer
                        aclbufp, are stored in the file's ACL. All directories
                        in  the path name must be searchable. Write ACL access
                        is required to change the file's ACL.


       ACE_GETACL       Buffer aclbufp is filled with  the  file's  ace_t  ACL
                        entries.  Read  access to the file is required and all
                        directories in the path name must be searchable.


       ACE_GETACLCNT    The number of entries  in  the  file's  ace_t  ACL  is
                        returned.  Read access to the file is required and all
                        directories in the path name must be searchable.


RETURN VALUES
       Upon successful completion, acl() and facl() return 0 if cmd is  SETACL
       or  ACE_SETACL.  If  cmd  is GETACL, GETACLCNT, ACE_GETACL or ACE_GETA‐
       CLCNT, the number of ACL entries is returned. Otherwise, −1 is returned
       and errno is set to indicate the error.

ERRORS
       The acl() function will fail if:

       EACCES     The  caller does not have access to a component of the path‐
                  name; the cmd argument is ACE_SETACL or SETACL and the call‐
                  er  does  not  have appropriate privilege to set one or more
                  specified ACE types.


       EFAULT     The pathp or aclbufp argument points to an illegal address.


       EINVAL     The cmd argument is not GETACL,  SETACL,  ACE_GETACL,  GETA‐
                  CLCNT, or ACE_GETACLCNT; the cmd argument is SETACL and nen‐
                  tries is less than 3; or  the  cmd  argument  is  SETACL  or
                  ACE_SETACL and the ACL specified in aclbufp is not valid.


       EIO        A  disk  I/O  error has occurred while storing or retrieving
                  the ACL.


       ENOENT     A component of the path does not exist.


       ENOSPC     The cmd argument is GETACL and nentries  is  less  than  the
                  number  of entries in the file's ACL, or the cmd argument is
                  SETACL and there is insufficient space in the file system to
                  store the ACL.


       ENOSYS     The cmd argument is SETACL or ACE_SETACL and the file speci‐
                  fied by pathp resides on a file system that does not support
                  ACLs,  or the acl() function is not supported by this imple‐
                  mentation.


       ENOTDIR    A component of the path specified by pathp is not  a  direc‐
                  tory,  or  the  cmd  argument is SETACL or ACE_SETACL and an
                  attempt is made to set a default ACL on a  file  type  other
                  than a directory.


       ENOTSUP    The cmd argument is GETACL, but the ACL is composed of ace_t
                  entries, and the ACL  cannot  be  translated  into  aclent_t
                  form.

                  The  cmd argument is ACE_SETACL, but the underlying filesys‐
                  tem only supports ACLs composed of aclent_t entries and  the
                  ACL could not be translated into aclent_t form.


       EPERM      The  effective  user ID does not match the owner of the file
                  and the process does not have appropriate privilege.


       EROFS      The cmd argument is SETACL or ACE_SETACL and the file speci‐
                  fied by pathp resides on a file system that is mounted read-
                  only.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE  TYPEAT‐
       TRIBUTE VALUE _ Interface StabilityCommitted


SEE ALSO
       aclcheck(3SEC), aclsort(3SEC), acl(7)



Oracle Solaris 11.4               13 May 2015                           acl(2)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3