xref: /illumos-gate/usr/src/man/man3sec/acl_get.3sec (revision bd97c7ce2344fa3252d8785c35895490916bc79b)
te
Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
Copyright 2023 Bill Sommerfeld
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
ACL_GET 3SEC "January 30, 2023"
NAME
acl_get, facl_get, acl_set, facl_set - get or set a file's Access Control List (ACL)
SYNOPSIS
cc [ flag.\|.\|. ] file.\|.\|. -lsec [ library.\|.\|. ]
#include <sys/acl.h>

int acl_get(const char *path, int flag, acl_t **aclp);

int facl_get(int fd, int flag, acl_t **aclp);

int acl_set(const char *path, acl_t *aclp);

int facl_set(int fd, acl_t *aclp);
DESCRIPTION
The acl_get() and facl_get() functions retrieve an Access Control List (ACL) of a file whose name is given by path or referenced by the open file descriptor fd. The flag argument specifies whether a trivial ACL should be retrieved. When the flag argument is ACL_NO_TRIVIAL, only ACLs that are not trivial will be retrieved. The ACL is returned in the aclp argument.

The acl_set() and facl_set() functions are used for setting an ACL of a file whose name is given by path or referenced by the open file descriptor fd. The aclp argument specifies the ACL to set.

The acl_get() and acl_set() functions support multiple types of ACLs. When possible, the acl_set() function translates an ACL to the target file's style of ACL. Currently this is only possible when translating from a POSIX-draft ACL such as on UFS to a file system that supports NFSv4 ACL semantics such as ZFS or NFSv4.

RETURN VALUES
Upon successful completion, acl_get() and facl_get() return 0 and aclp is non-NULL. The aclp argument can be NULL after successful completion if the file had a trivial ACL and the flag argument was ACL_NO_TRIVIAL. Otherwise, -1 is returned and errno is set to indicate the error.

Upon successful completion, acl_set() and facl_set() return 0. Otherwise, -1 is returned and errno is set to indicate the error.

ERRORS
These functions will fail if: EACCES

The caller does not have access to a component of path.

EIO

A disk I/O error has occurred while retrieving the ACL.

ENOENT

A component of the path does not exist.

ENOSYS

The file system does not support ACLs.

ENOTSUP

The ACL supplied could not be translated to an NFSv4 ACL.

ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability Evolving
MT-Level MT-Safe
SEE ALSO
chmod (1), acl (2), acl (7), attributes (7)