NAME
setaclentry(), fsetaclentry() — add, modify, or delete one entry in file's access control list (ACL) (HFS File Systems only)
SYNOPSIS
#include <unistd.h>
#include <acllib.h>
int setaclentry(const char *path, uid_t uid, gid_t gid, int mode);
int fsetaclentry(int fd, uid_t uid, gid_t gid, int mode);
DESCRIPTION
Both forms of this call add, modify, or delete one entry
in a file's access control list
(ACL).
setaclentry()
and
fsetaclentry()
take a path name
(path)
or open file descriptor
(fd)
and an entry identifier
(uid,
gid).
They change the indicated entry's access mode bits to the given value
(mode),
meanings of which are defined in
<unistd.h>.
modes
are represented as
R_OK,
W_OK,
and
X_OK.
Irrelevant bits in
mode
values must be zero.
If the file's
ACL
does not have an entry for the given
uid
and
gid,
the entry is created and added to the
ACL.
If
mode
is
MODE_DEL
(defined in
<acllib.h>),
the matching entry is deleted from the file's
ACL
if it is an optional entry,
or its mode bits are set to zero (no access) if it is a base entry.
uid
or
gid
can be
ACL_NSUSER
or
ACL_NSGROUP
(defined in
<sys/acl.h>),
respectively, to represent non-specific entries
u.%,
%.g,
or
%.%.
The file's
u.%
or
%.g
base entries can be referred to using
ACL_FILEOWNER
or
ACL_FILEGROUP
(defined in
<acllib.h>),
for the file's owner or group
ID,
respectively.
setaclentry()
and
fsetaclentry()
read the file's
ACL
with
getacl()
or
fgetacl()
and modify it with
setacl()
or
fsetacl(),
respectively.
RETURN VALUE
If successful,
setaclentry()
and
fsetaclentry()
return zero.
ERRORS
If an error occurs,
setaclentry()
and
fsetaclentry()
return the following negative values and set
errno:
- -1
Unable to perform
getacl()
or
fgetacl()
on the file.
errno
indicates the cause.
- -2
Unable to perform
stat()
or
fstat()
on the file.
errno
indicates the cause.
- -3
Cannot add a new entry because the
ACL
already has
NACLENTRIES
(defined in
<sys/acl.h>)
entries.
- -4
Cannot delete a nonexisting entry.
- -5
Unable to perform
setacl()
or
fsetacl()
on the file.
errno
indicates the cause.
EXAMPLES
The following code fragment adds an entry to file ``work/list'' for user
ID
115, group
ID
32, or modifies the existing entry for that user and group, if any,
with a new access mode of read only.
It also changes the owner base entry to have all access rights,
and deletes the entry, if any, for any user in group 109.
#include <unistd.h>
#include <acllib.h>
char *filename = "work/list";
setaclentry (filename, 115, 32, R_OK);
setaclentry (filename, ACL_FILEOWNER, ACL_NSGROUP, R_OK | W_OK | X_OK);
setaclentry (filename, ACL_NSUSER, 109, MODE_DEL);
DEPENDENCIES
- HFS
setaclentry()
and
fsetaclentry()
are only supported on HFS file system on standard HP-UX operating system.
- NFS
setaclentry()
and
fsetaclentry()
are not supported on remote files.
AUTHOR
setaclentry()
and
fsetaclentry()
were developed by HP.