Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ getacl(1) — DG/UX 5.4.2T

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

setacl(1)

ls(1)

chmod(1)



getacl(1)                  C2 Trusted DG/UX 5.4.2T                 getacl(1)


NAME
       getacl - display the access control list (ACL) information of file
       objects

SYNOPSIS
       getacl [-d] [-alpqr] [-o objecttype] [object ...]

   where:
       objecttype is the object type of the specified objects.

       object       is the name of the file object(s) whose ACL(s) getacl
                    displays.

DESCRIPTION
       The getacl command displays the specified file objects' ACLs.  The
       ACL of an object specifies the object's discretionary access control
       permissions.  Directories may also have default ACLs.  For a complete
       discussion of ACLs, please see the Security Features User's Guide for
       the C2 Trusted DG/UX System.

       Options are:

       -a     causes getacl to display ACLs for files beginning with a "."
              when used with the -r option.

       -d     causes getacl to display the default ACL of the specified
              directory file objects.  Only directory file objects can have
              default ACLs.  This option used on a non-directory object will
              generate a usage error.

       -l     causes getacl not to follow symbolic links, i.e., no action is
              taken for symbolic links.

       -o objecttype
              objecttype specifies the type of the object arguments.  If -o
              objecttype is specified but an object is not, getacl uses the
              default objects listed below.  The values for objecttype, the
              objects associated with them, and the specification format for
              the objects are also listed below.

              Value      Object        Specification Format and Defaults

              f          file          filename (defaults to the current
                                       working directory, that is, ".")
                                       Note that UNIX®-domain sockets are
                                       file objects.

       -p     causes getacl to display absolute pathnames of file objects.

       -q     stops getacl from writing diagnostic messages.  The usage
              error message is always written.

       -r     causes getacl to recursively descend through directory file
              objects, displaying the ACL of each file object.



Licensed material--property of copyright holder(s)                         1




getacl(1)                  C2 Trusted DG/UX 5.4.2T                 getacl(1)


       The format of the ACL displayed by getacl is in the specific format
       required by the setacl(1) command, and is described in the setacl man
       page.  Therefore, the output of the getacl command (with only a
       single file object argument) may be used to copy an ACL from one file
       object to one or more file objects.  The -I option of the setacl
       command can be used to read the ACL from either a file or by directly
       piping the standard out of getacl into the standard in of setacl -I
       .....


EXAMPLES
       Directory dirabc has two files in it; alpha and beta. The recursion
       option of the getacl command is used to list the ACLs of all files in
       the file tree rooted by dirabc.
       getacl -r dirabc
       # directory file: dirabc
       # owner: abcuser
       # group: abcgroup
       user::rwx
       group::r-x
       other::---

       # file: dirabc/alpha
       # owner: alphauser
       # group: alphagroup
       user::rw-
       mask::rw-
       user:buser:-w-
       group::r--
       other::---

       # file: dirabc/beta
       # owner: betauser
       # group: betagroup
       user::rw-
       mask::rw-
       user:auser:-w-
       group::r--
       other::---


       Note that this output could not be used as input to setacl -I ...,
       because it contains more than a single ACL specification.

DIAGNOSTICS
       getacl writes all diagnostic messages to stderr.

       getacl exits with one of the following values:

            0    getacl executed correctly and displayed the ACLs of all
                 objects.

            1    getacl was run on a system that does not support ACLs.




Licensed material--property of copyright holder(s)                         2




getacl(1)                  C2 Trusted DG/UX 5.4.2T                 getacl(1)


            2    getacl could not display the ACL of at least one object.

            3    getacl usage is wrong.

SEE ALSO
       setacl(1), ls(1), chmod(1), dggetoacl(2), acllibrary(3),

       Security Features User's Guide for the C2 Trusted DG/UX System.

















































Licensed material--property of copyright holder(s)                         3


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026