Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

acl_extended_fd(3) [centos man page]

ACL_EXTENDED_FD(3)					   BSD Library Functions Manual 					ACL_EXTENDED_FD(3)

NAME

     acl_extended_fd -- test for information in the ACL by file descriptor

LIBRARY

     Linux Access Control Lists library (libacl, -lacl).

SYNOPSIS

     #include <sys/types.h>
     #include <acl/libacl.h>

     int
     acl_extended_fd(int fd);

DESCRIPTION

     The acl_extended_fd() function returns 1 if the file identified by the argument fd is associated with an extended access ACL. The function
     returns 0 if the file does not have an extended access ACL.

     An extended ACL is an ACL that contains entries other than the three required entries of tag types ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER.
     If the result of the acl_extended_fd() function for a file object is 0, then the ACL defines no discretionary access rights other than those
     already defined by the traditional file permission bits.

     Access to the file object may be further restricted by other mechanisms, such as Mandatory Access Control schemes. The access(2) system call
     can be used to check whether a given type of access to a file object would be granted.

RETURN VALUE

     If successful, the acl_extended_fd() function returns 1 if the file object identified by fd has an extended access ACL, and 0 if the file
     object identified by fd does not have an extended access ACL. Otherwise, the value -1 is returned and the global variable errno is set to
     indicate the error.

ERRORS

     If any of the following conditions occur, the acl_extended_fd() function returns -1 and sets errno to the corresponding value:

     [EBADF]		The fd argument is not a valid file descriptor.

     [ENOTSUP]		The file system on which the file identified by fd is located does not support ACLs, or ACLs are disabled.

STANDARDS

     This is a non-portable, Linux specific extension to the ACL manipulation functions defined in IEEE Std 1003.1e draft 17 ("POSIX.1e", aban-
     doned).

SEE ALSO

     access(2), acl_get_fd(3), acl(5)

AUTHOR

     Written by Andreas Gruenbacher <a.gruenbacher@bestbits.at>.

Linux ACL							  March 23, 2002							 Linux ACL

Check Out this Related Man Page

ACL_CHECK(3)						   BSD Library Functions Manual 					      ACL_CHECK(3)

NAME

     acl_check -- check an ACL for validity

LIBRARY

     Linux Access Control Lists library (libacl, -lacl).

SYNOPSIS

     #include <sys/types.h>
     #include <acl/libacl.h>

     int
     acl_check(acl_t acl, int *last);

DESCRIPTION

     The acl_check() function checks the ACL referred to by the argument acl for validity.

     The three required entries ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER must exist exactly once in the ACL. If the ACL contains any ACL_USER or
     ACL_GROUP entries, then an ACL_MASK entry is also required. The ACL may contain at most one ACL_MASK entry.

     The user identifiers must be unique among all entries of type ACL_USER.  The group identifiers must be unique among all entries of type
     ACL_GROUP.

     If the ACL referred to by acl is invalid, acl_check() returns a positive error code that indicates which type of error was detected.  The
     following symbolic error codes are defined:

     ACL_MULTI_ERROR	   The ACL contains multiple entries that have a tag type that may occur at most once.

     ACL_DUPLICATE_ERROR   The ACL contains multiple ACL_USER entries with the same user ID, or multiple ACL_GROUP entries with the same group ID.

     ACL_MISS_ERROR	   A required entry is missing.

     ACL_ENTRY_ERROR	   The ACL contains an invalid entry tag type.

     The acl_error() function can be used to translate error codes to text messages.

     In addition, if the pointer last is not NULL, acl_check() assigns the number of the ACL entry at which the error was detected to the value
     pointed to by last.  Entries are numbered starting with zero, in the order in which they would be returned by the acl_get_entry() function.

RETURN VALUE

     If successful, the acl_check() function returns 0 if the ACL referred to by acl is valid, and a positive error code if the ACL is invalid.
     Otherwise, a value of -1 is returned and the global variable errno is set to indicate the error.

ERRORS

     If any of the following conditions occur, the acl_check() function returns -1 and sets errno to the corresponding value:

     [EINVAL]		The argument acl is not a valid pointer to an ACL.

STANDARDS

     This is a non-portable, Linux specific extension to the ACL manipulation functions defined in IEEE Std 1003.1e draft 17 ("POSIX.1e", aban-
     doned).

SEE ALSO

     acl_valid(3), acl(5)

AUTHOR

     Written by Andreas Gruenbacher <a.gruenbacher@bestbits.at>.

Linux ACL							  March 23, 2002							 Linux ACL
Man Page