xref: /freebsd/lib/libsys/access.2 (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c)
1.\" Copyright (c) 1980, 1991, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.Dd March 30, 2021
29.Dt ACCESS 2
30.Os
31.Sh NAME
32.Nm access ,
33.Nm eaccess ,
34.Nm faccessat
35.Nd check accessibility of a file
36.Sh LIBRARY
37.Lb libc
38.Sh SYNOPSIS
39.In unistd.h
40.Ft int
41.Fn access "const char *path" "int mode"
42.Ft int
43.Fn eaccess "const char *path" "int mode"
44.Ft int
45.Fn faccessat "int fd" "const char *path" "int mode" "int flag"
46.Sh DESCRIPTION
47The
48.Fn access
49and
50.Fn eaccess
51system calls check the accessibility of the
52file named by
53the
54.Fa path
55argument
56for the access permissions indicated by
57the
58.Fa mode
59argument.
60The value of
61.Fa mode
62is either the bitwise-inclusive OR of the access permissions to be
63checked
64.Dv ( R_OK
65for read permission,
66.Dv W_OK
67for write permission, and
68.Dv X_OK
69for execute/search permission),
70or the existence test
71.Pq Dv F_OK .
72.Pp
73For additional information, see the
74.Sx "File Access Permission"
75section of
76.Xr intro 2 .
77.Pp
78The
79.Fn eaccess
80system call uses
81the effective user ID and the group access list
82to authorize the request;
83the
84.Fn access
85system call uses
86the real user ID in place of the effective user ID,
87the real group ID in place of the effective group ID,
88and the rest of the group access list.
89.Pp
90The
91.Fn faccessat
92system call is equivalent to
93.Fn access
94except in the case where
95.Fa path
96specifies a relative path.
97In this case the file whose accessibility is to be determined is
98located relative to the directory associated with the file descriptor
99.Fa fd
100instead of the current working directory.
101If
102.Fn faccessat
103is passed the special value
104.Dv AT_FDCWD
105in the
106.Fa fd
107parameter, the current working directory is used and the behavior is
108identical to a call to
109.Fn access .
110Values for
111.Fa flag
112are constructed by a bitwise-inclusive OR of flags from the following
113list, defined in
114.In fcntl.h :
115.Bl -tag -width indent
116.It Dv AT_EACCESS
117The checks for accessibility are performed using the effective user and group
118IDs instead of the real user and group ID as required in a call to
119.Fn access .
120.It Dv AT_RESOLVE_BENEATH
121Only walk paths below the directory specified by the
122.Ar fd
123descriptor.
124See the description of the
125.Dv O_RESOLVE_BENEATH
126flag in the
127.Xr open 2
128manual page.
129.It Dv AT_EMPTY_PATH
130If the
131.Fa path
132argument is an empty string, operate on the file or directory
133referenced by the descriptor
134.Fa fd .
135If
136.Fa fd
137is equal to
138.Dv AT_FDCWD ,
139operate on the current working directory.
140.El
141.Pp
142Even if a process's real or effective user has appropriate privileges
143and indicates success for
144.Dv X_OK ,
145the file may not actually have execute permission bits set.
146Likewise for
147.Dv R_OK
148and
149.Dv W_OK .
150.Sh RETURN VALUES
151.Rv -std
152.Sh ERRORS
153.Fn access ,
154.Fn eaccess ,
155or
156.Fn faccessat
157will fail if:
158.Bl -tag -width Er
159.It Bq Er EINVAL
160The value of the
161.Fa mode
162argument is invalid.
163.It Bq Er ENOTDIR
164A component of the path prefix is not a directory.
165.It Bq Er ENAMETOOLONG
166A component of a pathname exceeded 255 characters,
167or an entire path name exceeded 1023 characters.
168.It Bq Er ENOENT
169The named file does not exist.
170.It Bq Er ELOOP
171Too many symbolic links were encountered in translating the pathname.
172.It Bq Er EROFS
173Write access is requested for a file on a read-only file system.
174.It Bq Er ETXTBSY
175Write access is requested for a pure procedure (shared text)
176file presently being executed.
177.It Bq Er EACCES
178Permission bits of the file mode do not permit the requested
179access, or search permission is denied on a component of the
180path prefix.
181.It Bq Er EFAULT
182The
183.Fa path
184argument
185points outside the process's allocated address space.
186.It Bq Er EIO
187An I/O error occurred while reading from or writing to the file system.
188.It Bq Er EINTEGRITY
189Corrupted data was detected while reading from the file system.
190.El
191.Pp
192Also, the
193.Fn faccessat
194system call may fail if:
195.Bl -tag -width Er
196.It Bq Er EBADF
197The
198.Fa path
199argument does not specify an absolute path and the
200.Fa fd
201argument is
202neither
203.Dv AT_FDCWD
204nor a valid file descriptor.
205.It Bq Er EINVAL
206The value of the
207.Fa flag
208argument is not valid.
209.It Bq Er ENOTDIR
210The
211.Fa path
212argument is not an absolute path and
213.Fa fd
214is neither
215.Dv AT_FDCWD
216nor a file descriptor associated with a directory.
217.It Bq Er ENOTCAPABLE
218.Fa path
219is an absolute path,
220or contained a ".." component leading to a
221directory outside of the directory hierarchy specified by
222.Fa fd ,
223and the process is in capability mode.
224.El
225.Sh SEE ALSO
226.Xr chmod 2 ,
227.Xr intro 2 ,
228.Xr stat 2
229.Sh STANDARDS
230The
231.Fn access
232system call is expected to conform to
233.St -p1003.1-90 .
234The
235.Fn faccessat
236system call follows The Open Group Extended API Set 2 specification.
237.Sh HISTORY
238The
239.Fn access
240function appeared in
241.At v7 .
242The
243.Fn faccessat
244system call appeared in
245.Fx 8.0 .
246.Sh SECURITY CONSIDERATIONS
247The
248.Fn access
249system call
250is a potential security hole due to race conditions and
251should never be used.
252Set-user-ID and set-group-ID applications should restore the
253effective user or group ID,
254and perform actions directly rather than use
255.Fn access
256to simulate access checks for the real user or group ID.
257The
258.Fn eaccess
259system call
260likewise may be subject to races if used inappropriately.
261.Pp
262.Fn access
263remains useful for providing clues to users as to whether operations
264make sense for particular filesystem objects (e.g. 'delete' menu
265item only highlighted in a writable folder ... avoiding interpretation
266of the st_mode bits that the application might not understand --
267e.g. in the case of AFS).
268It also allows a cheaper file existence test than
269.Xr stat 2 .
270