132900e82SRobert Watson.\"- 232900e82SRobert Watson.\" Copyright (c) 1999 Robert N. M. Watson 332900e82SRobert Watson.\" All rights reserved. 432900e82SRobert Watson.\" 532900e82SRobert Watson.\" Redistribution and use in source and binary forms, with or without 632900e82SRobert Watson.\" modification, are permitted provided that the following conditions 732900e82SRobert Watson.\" are met: 832900e82SRobert Watson.\" 1. Redistributions of source code must retain the above copyright 932900e82SRobert Watson.\" notice, this list of conditions and the following disclaimer. 1032900e82SRobert Watson.\" 2. Redistributions in binary form must reproduce the above copyright 1132900e82SRobert Watson.\" notice, this list of conditions and the following disclaimer in the 1232900e82SRobert Watson.\" documentation and/or other materials provided with the distribution. 1332900e82SRobert Watson.\" 1432900e82SRobert Watson.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1532900e82SRobert Watson.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1632900e82SRobert Watson.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1732900e82SRobert Watson.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 1832900e82SRobert Watson.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 1932900e82SRobert Watson.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2032900e82SRobert Watson.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2132900e82SRobert Watson.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2232900e82SRobert Watson.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2332900e82SRobert Watson.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2432900e82SRobert Watson.\" SUCH DAMAGE. 2532900e82SRobert Watson.\" 2632900e82SRobert Watson.Dd December 23, 1999 2732900e82SRobert Watson.Dt VOP_ACLCHECK 9 28*aa12cea2SUlrich Spörlein.Os 2932900e82SRobert Watson.Sh NAME 3032900e82SRobert Watson.Nm VOP_ACLCHECK 31eb083802SRuslan Ermilov.Nd check an access control list for a vnode 3232900e82SRobert Watson.Sh SYNOPSIS 3332eef9aeSRuslan Ermilov.In sys/param.h 3432eef9aeSRuslan Ermilov.In sys/vnode.h 3532eef9aeSRuslan Ermilov.In sys/acl.h 3632900e82SRobert Watson.Ft int 37c2508101SAndrew R. Reiter.Fn VOP_ACLCHECK "struct vnode *vp" "acl_type_t type" "struct acl *aclp" "struct ucred *cred" "struct thread *td" 3832900e82SRobert Watson.Sh DESCRIPTION 3932900e82SRobert WatsonThis vnode call may be used to determine the validity of a particular access 4032900e82SRobert Watsoncontrol list (ACL) for a particular file or directory. 4132900e82SRobert Watson.Pp 4232900e82SRobert WatsonIts arguments are: 4332900e82SRobert Watson.Bl -tag -width type 440640e9e0SHiten Pandya.It Fa vp 450a57ea7dSRuslan ErmilovThe vnode of the file or directory. 460640e9e0SHiten Pandya.It Fa type 470a57ea7dSRuslan ErmilovThe type of ACL to check. 480640e9e0SHiten Pandya.It Fa aclp 490a57ea7dSRuslan ErmilovA pointer to an ACL structure from which to retrieve the ACL data. 500640e9e0SHiten Pandya.It Fa cred 510a57ea7dSRuslan ErmilovThe user credentials to use in authorizing the request. 520640e9e0SHiten Pandya.It Fa td 530a57ea7dSRuslan ErmilovThe thread checking the ACL. 5432900e82SRobert Watson.El 5532900e82SRobert Watson.Pp 5632900e82SRobert WatsonThe 5732900e82SRobert Watson.Fa cred 5832900e82SRobert Watsonpointer may be NULL to indicate that access control checks are not to be 59c1c03d49SHiten Pandyaperformed, if possible. 60c1c03d49SHiten PandyaThis cred setting might be used to allow the 6132900e82SRobert Watsonkernel to authorize ACL verification that the active process might not be 6232900e82SRobert Watsonpermitted to do. 6332900e82SRobert Watson.Pp 6432900e82SRobert WatsonThe vnode ACL interface defines the syntax, and not semantics, of file and 65c1c03d49SHiten Pandyadirectory ACL interfaces. 66c1c03d49SHiten PandyaMore information about ACL management in kernel 6732900e82SRobert Watsonmay be found in 6832900e82SRobert Watson.Xr acl 9 . 6932900e82SRobert Watson.Sh LOCKS 7032900e82SRobert WatsonNo locks are required to call this vnode method, and any locks held on 7132900e82SRobert Watsonentry will be held on exit. 7232900e82SRobert Watson.Sh RETURN VALUES 7332900e82SRobert WatsonIf the 7432900e82SRobert Watson.Fa aclp 7532900e82SRobert Watsonpointer points to a valid ACL of type 7632900e82SRobert Watson.Fa type 7732900e82SRobert Watsonfor the object 7832900e82SRobert Watson.Fa vp , 79c1c03d49SHiten Pandyathen zero is returned. 80c1c03d49SHiten PandyaOtherwise, an appropriate error code is returned. 8132900e82SRobert Watson.Sh ERRORS 8232900e82SRobert Watson.Bl -tag -width Er 8332900e82SRobert Watson.It Bq Er EINVAL 84cc258457SDon LewisThe ACL type passed is invalid for this vnode, or the ACL data is invalid. 8532900e82SRobert Watson.It Bq Er EACCES 8681f8d226SDon LewisThe file or directory ACL does not permit access. 8732900e82SRobert Watson.It Bq Er ENOMEM 8881f8d226SDon LewisSufficient memory is not available to fulfill the request. 8932900e82SRobert Watson.It Bq Er EOPNOTSUPP 90cc258457SDon LewisThe file system does not support 91cc258457SDon Lewis.Fn VOP_ACLCHECK . 9232900e82SRobert Watson.El 9332900e82SRobert Watson.Sh SEE ALSO 9432900e82SRobert Watson.Xr acl 9 , 9532900e82SRobert Watson.Xr vnode 9 , 9632900e82SRobert Watson.Xr VOP_GETACL 9 , 9732900e82SRobert Watson.Xr VOP_SETACL 9 9832900e82SRobert Watson.Sh AUTHORS 99571dba6eSHiten PandyaThis manual page was written by 10032900e82SRobert Watson.An Robert Watson . 101