Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > S


HP-UX 11i Version 3: February 2007

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index


setaclentry(), fsetaclentry() — add, modify, or delete one entry in file's access control list (ACL) (HFS File Systems only)


#include <unistd.h> #include <acllib.h> int setaclentry(const char *path, uid_t uid, gid_t gid, int mode); int fsetaclentry(int fd, uid_t uid, gid_t gid, int mode);


Both forms of this call add, modify, or delete one entry in a file's access control list (ACL). setaclentry() and fsetaclentry() take a path name (path) or open file descriptor (fd) and an entry identifier (uid, gid). They change the indicated entry's access mode bits to the given value (mode), meanings of which are defined in <unistd.h>. modes are represented as R_OK, W_OK, and X_OK. Irrelevant bits in mode values must be zero.

If the file's ACL does not have an entry for the given uid and gid, the entry is created and added to the ACL. If mode is MODE_DEL (defined in <acllib.h>), the matching entry is deleted from the file's ACL if it is an optional entry, or its mode bits are set to zero (no access) if it is a base entry.

uid or gid can be ACL_NSUSER or ACL_NSGROUP (defined in <sys/acl.h>), respectively, to represent non-specific entries u.%, %.g, or %.%. The file's u.% or %.g base entries can be referred to using ACL_FILEOWNER or ACL_FILEGROUP (defined in <acllib.h>), for the file's owner or group ID, respectively.

setaclentry() and fsetaclentry() read the file's ACL with getacl() or fgetacl() and modify it with setacl() or fsetacl(), respectively.


If successful, setaclentry() and fsetaclentry() return zero.


If an error occurs, setaclentry() and fsetaclentry() return the following negative values and set errno:


Unable to perform getacl() or fgetacl() on the file. errno indicates the cause.


Unable to perform stat() or fstat() on the file. errno indicates the cause.


Cannot add a new entry because the ACL already has NACLENTRIES (defined in <sys/acl.h>) entries.


Cannot delete a nonexisting entry.


Unable to perform setacl() or fsetacl() on the file. errno indicates the cause.


The following code fragment adds an entry to file ``work/list'' for user ID 115, group ID 32, or modifies the existing entry for that user and group, if any, with a new access mode of read only. It also changes the owner base entry to have all access rights, and deletes the entry, if any, for any user in group 109.

#include <unistd.h> #include <acllib.h> char *filename = "work/list"; setaclentry (filename, 115, 32, R_OK); setaclentry (filename, ACL_FILEOWNER, ACL_NSGROUP, R_OK | W_OK | X_OK); setaclentry (filename, ACL_NSUSER, 109, MODE_DEL);



setaclentry() and fsetaclentry() are only supported on HFS file system on standard HP-UX operating system.


setaclentry() and fsetaclentry() are not supported on remote files.


setaclentry() and fsetaclentry() were developed by HP.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.