File Access Control Library Functions aclcheck(3SEC)
NAME
aclcheck - check the validity of an ACL
SYNOPSIS
cc [ flag... ] file... -lsec [ library... ]
#include
int aclcheck(aclt *aclp, int isdir);
DESCRIPTION
The aclcheck() function checks the validity of an ACL
pointed to by aclp. The isdir argument checks the validity
of an ACL that will be applied to a directory. The ACL can
be either a POSIX draft ACL as supported by UFS or NFSv4 ACL
as supported by ZFS or NFSV4.
When the function verifies a POSIX draft ACL, the rules fol-
lowed are described in aclcheck(3SEC). For NFSv4 ACL, the
ACL is verified against the following rules:
o The inheritance flags are valid.
o The ACL must have at least one ACL entry and no
more than {MAXACLENTRIES}.
o The permission field contains only supported per-
missions.
o The entry type is valid.
o The flag fields contain only valid flags as sup-
ported by NFSv4/ZFS.
If any of the above rules are violated, the function fails
with errno set to EINVAL.
RETURN VALUES
If the ACL is valid, aclcheck() returns 0. Otherwise errno
is set to EINVAL and the return value is set to one of the
following:
EACLINHERITEROR There are invalid inheritance flags
specified.
EACLFLAGSEROR There are invalid flags specified on
the ACL that don't map to supported
flags in NFSV4/ZFS ACL model.
SunOS 5.11 Last change: 22 Apr 2008 1
File Access Control Library Functions aclcheck(3SEC)
EACLENTRYEROR The ACL contains an unknown value in
the type field.
EACLMEMEROR The system cannot allocate any
memory.
EACLINHERITNOTDIR Inheritance flags are only allowed
for ACLs on directories.
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Interface Stability Committed
MT-Level MT-Safe
SEE ALSO
acl(2), aclcheck(3SEC), aclsort(3SEC), acl(5), attributes(5)
SunOS 5.11 Last change: 22 Apr 2008 2
|
