acl - get or set a file's access control lists
SYNOPSIS
#include <sys/acl.h>
int acl(char *name, int option, int nacls, acl_t *acls)
DESCRIPTION
acl() is used to get or set the ACL for a file whose name is given by
name. nacls specifies how many ACL entries fit into buffer
acls. acl() is used to manipulate the ACL on file system
objects.
The following three values for option, as defined in
<sys/acl.h>, are available:
- ACL_ADD
- nacls ACL entries, specified in buffer acls, are
added to the file's ACL. This command can only be executed by a process
that has an effective user ID equal to the owner of the file or root.
All directories in the path name must be searchable. The new ACL will
be merged with and override existing ones.
- ACL_GET
- Buffer acls is filled with the file's ACL entries. Read access to
the file is not required, but all directories in the path name must be
searchable.
- ACL_CLR
- Remove the ACL associated with a file. The arguments nacls and
acls are ignored. This command can only be executed by a process
that has an effective user ID equal to the owner of the file or root.
All directories in the path name must be searchable.
RETURN VALUES
Upon successful completion, if cmd is ACL_ADD, the number of set
entries is returned. If cmd is ACL_GET, the number of ACL entries
is returned and for ACL_CLR zero. Otherwise, a value of -1 is returned and
errno is set to indicate the error.
ERRORS
acl() will return, among others, the following errors:
- EINVAL
- option is invalid or nacls is out of range,
- ENOENT
- File does not have an ACL associated with it.
- ENOSYS
- V1 file system do not support ACLs.
SEE ALSO
acl(1)