HPUX setaclentry[3c]
setaclentry(3C) setaclentry(3C)
NAME
setaclentry(), fsetaclentry() - add, modify, or delete one entry in
file's access control list (ACL)
SYNOPSIS
#include <unistd.h>
#include <acllib.h>
int setaclentry(const char *path, int uid, int gid, int mode);
int fsetaclentry(int fd, int uid, int gid, int mode);
DESCRIPTION
Both forms of this call add, modify, or delete one entry in a file's
access control list (ACL). setaclentry() and fsetaclentry() take a
path name (path) or open file descriptor (fd) and an entry identifier
(uid, gid). They change the indicated entry's access mode bits to the
given value (mode), meanings of which are defined in <unistd.h>.
modes are represented as R_OK, W_OK, and X_OK. Irrelevant bits in
mode values must be zero.
If the file's ACL does not have an entry for the given uid and gid,
the entry is created and added to the ACL. If mode is MODE_DEL
(defined in <acllib.h>), the matching entry is deleted from the file's
ACL if it is an optional entry, or its mode bits are set to zero (no
access) if it is a base entry.
uid or gid can be ACL_NSUSER or ACL_NSGROUP (defined in <sys/acl.h>),
respectively, to represent non-specific entries u.%, %.g, or %.% . The
file's u.% or %.g base entries can be referred to using ACL_FILEOWNER
or ACL_FILEGROUP (defined in <acllib.h>), for the file's owner or
group ID, respectively.
setaclentry() and fsetaclentry() read the file's ACL with getacl() or
fgetacl() and modify it with setacl() or fsetacl(), respectively.
RETURN VALUE
If successful, setaclentry() and fsetaclentry() return zero.
ERRORS
If an error occurs, setaclentry() and fsetaclentry() return the
following negative values and set errno:
-1 Unable to perform getacl() or fgetacl() on the file. errno
indicates the cause.
-2 Unable to perform stat() or fstat() on the file. errno indicates
the cause.
-3 Cannot add a new entry because the ACL already has NACLENTRIES
(defined in <sys/acl.h>) entries.
Hewlett-Packard Company - 1 - HP-UX Release 9.0: August 1992
setaclentry(3C) setaclentry(3C)
-4 Cannot delete a nonexisting entry.
-5 Unable to perform setacl() or fsetacl() on the file. errno
indicates the cause.
EXAMPLES
The following code fragment adds an entry to file ``work/list'' for
user ID 115, group ID 32, or modifies the existing entry for that user
and group, if any, with a new access mode of read only. It also
changes the owner base entry to have all access rights, and deletes
the entry, if any, for any user in group 109.
#include <unistd.h>
#include <acllib.h>
char *filename = "work/list";
setaclentry (filename, 115, 32, R_OK);
setaclentry (filename, ACL_FILEOWNER, ACL_NSGROUP, R_OK | W_OK | X_OK);
setaclentry (filename, ACL_NSUSER, 109, MODE_DEL);
DEPENDENCIES
NFS setaclentry() and fsetaclentry() are not supported on remote
files.
AUTHOR
setaclentry() and fsetaclentry() were developed by HP.
SEE ALSO
getacl(2), setacl(2), stat(2), acltostr(3C), cpacl(3C), chownacl(3C),
strtoacl(3C), acl(5).
Hewlett-Packard Company - 2 - HP-UX Release 9.0: August 1992