int acl(const char~*pathp, int cmd, int aclcnt, acl_entry_t~*aclentp);
int facl(int filedes, int cmd, int aclcnt, acl_entry_t~*aclentp);
acl manipulates the ACL of the file named pathp. facl is identical to acl, only the ACL of the open file with file descriptor filedes is manipulated.
The cmd parameter can be one of the following constants, to get an ACL, get the number of entries in an ACL, or set an ACL:
ACL_GETACL ACL_GETACLCNT ACL_SETACL
If cmd is ACL_SETACL, aclentp contains the ACL entries to set for the file. aclcnt is the size of the aclentp buffer. The type acl_entry_t is defined as follows:
typedef struct { int a_type; uid_t a_id; mode_t a_perm; } acl_entry_t;
The a_type field determines the type of the ACL entry. This field can have one of the following values:
ACL_USER_OBJ (owner) ACL_USER (named user) ACL_GROUP_OBJ (group) ACL_GROUP (named group) ACL_MASK_OBJ (effective rights mask) ACL_OTHER_OBJ (others) ACL_DEF_USER_OBJ (default owner) ACL_DEF_USER (default named user) ACL_DEF_GROUP_OBJ (default group) ACL_DEF_GROUP (default named group) ACL_DEF_MASK_OBJ (default effective rights mask) ACL_DEF_OTHER_OBJ (default others)
The first six types specify an ACL entry; the remaining six entries specify a default ACL entry. Only directories may have a default ACL (they need not have one, however).
If the ACL entry type is ACL_USER or ACL_DEF_USER, the a_id field contains a valid user ID number. If the ACL entry type is ACL_GROUP or ACL_DEF_GROUP, the a_id field contains a valid group ID number.
In all other cases, the value of a_id is irrelevant for the ACL_SETACL operation.
The ACL_GETACL operation in addition stores the owner's user ID in the a_id field for ACL_USER and ACL_DEF_USER entries, and the owning group's group ID in the a_id field for ACL_GROUP and ACL_DEF_GROUP entries.
The a_perm entry contains the permissions associated with the ACL entry. Use the following constants (defined in <sys/stat.h>):
S_IROTH (read access) S_IWOTH (write access) S_IXOTH (list/execute access) [S_IRWXO (S_IROTH | S_IWOTH | S_IXOTH)]
Please send your bug reports, suggested features and comments to the above address.