Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ dg_getoacl(2) — DG/UX 5.4.2T

Media Vault

Software Library

Restoration Projects

Artifacts Sought



dg_getoacl(2)              C2 Trusted DG/UX 5.4.2T             dg_getoacl(2)


NAME
       dggetoacl - get the access control list (ACL) for an object

SYNOPSIS
       #include <sys/types.h>
       #include <sys/dgtparms.h>
       #include <sys/acl.h>

       int  dggetoacl(targtype, targ, type, acl, aclsize,
            textacl, textaclsize)
       int            targtype;
       void           *targ;
       int            type;
       aclstructt   *acl;
       int            *aclsize;
       char           *textacl;
       int            *textaclsize;

   where:
       targtype    A token that identifies the type of object whose ACL is
                    fetched.  The available tokens are defined in
                    sys/dgtparms.h as follows:

                    TFILE  The object is a file identified by a path name.

                    TFD    The object is a file identified by a file
                            descriptor.

       targ         The address of the identifier of the object whose ACL is
                    fetched.  The value of targtype determines the type of
                    entity that targ points to as follows:

                    TFILE  targ points to a path name string.

                    TFD    targ points to a file descriptor.

       type         type indicates whether the call fetches an access ACL or
                    a default ACL. type must be set to either
                    ACL_TYPE_DEFAULT or ACL_TYPE_ACCESS.  Note that default
                    ACLs may only exist on directories.

       acl          The address of an aclstructt buffer to receive the
                    binary ACL.

       aclsize      A pointer to the size, in bytes, of the aclstructt
                    structure pointed to by acl; when zero the binary ACL is
                    not fetched. If a default ACL is requested but does not
                    exist on the target directory the size pointer to by
                    aclsize is set to zero.  An aclstructt is actually a
                    variable size structure with a fixed ``header'' (see
                    sys/acl.h).  If the buffer supplied to dggetoacl is too
                    small, the call returns -1, sets errno to E2BIG, and
                    stores the correct size at aclsize.




Licensed material--property of copyright holder(s)                         1




dg_getoacl(2)              C2 Trusted DG/UX 5.4.2T             dg_getoacl(2)


       textacl      A pointer to a buffer to receive the ASCII text ACL
                    stored with this object.  If no text ACL exists, the
                    size pointed to by textaclsize is set to zero.

                    Note that there is no assurance that the binary ACL
                    stored with the object would match the binary ACL that
                    is generated by converting the ASCII text ACL to binary.
                    Only the binary ACL is used by the reference monitor for
                    access control decisions.

       textaclsize  Points to the size in bytes of the text ACL. If this
                    parameter points to zero, dggetoacl assumes that it is
                    not to fetch the text ACL.  If the buffer passed is too
                    small, dggetoacl stores the required size at
                    textaclsize, returns -1, and sets errno to E2BIG.

DESCRIPTION
       The dggetoacl system call gets the ACL for the object identified by
       targtype and targ and stores it in the buffer pointed to by acl.

       If the size given for the binary or text ACL is non-zero but not big
       enough to hold the requested ACL the correct size is returned, in
       aclsize and/or textaclsize, and neither ACL is fetched.  When either
       buffer is bigger than necessary the ACL is fetched and the actual
       size(s) returned.  Therefore, the caller must not only check for an
       errno of E2BIG, but must also determine whether the value stored in
       aclsize or textaclsize has changed.

ACCESS CONTROL
       The process must have search access to the object's parent directory
       path.

RETURN VALUE
       0         Successful completion.

       -1        An error occurred. errno is set to indicate the error.

EXCEPTIONS
       errno may be set to one of the following error codes:

       EINVAL   The ACL type indicated in the type parameter is not
                ACL_TYPE_DEFAULT or ACL_TYPE_ACCESS.

       EINVAL   The object type indicated in the targtype parameter is not
                valid.

       EINVAL   Both aclsize and textaclsize pointed to zeros.

       EOPNOTSUPP
                The object type indicated in the targtype parameter does
                not support ACLs.

       ENOTDIR  The process attempted to get a default ACL for some object
                other than a directory.



Licensed material--property of copyright holder(s)                         2




dg_getoacl(2)              C2 Trusted DG/UX 5.4.2T             dg_getoacl(2)


       EDGNOATTR
                The target object does not have any of the requested ACL
                attributes.  For example, both a text and default ACLs was
                requested but the directory had neither.  Note that in this
                example if any one of the requested types was found it would
                be returned, the size of the missing type would be set to
                zero and no error would be returned.

       ENOENT   The object does not exist.

       E2BIG    One or both of the supplied buffers was too small. Note, the
                size parameter(s) are set to the correct size(s) at the time
                of the call.

       EFAULT   One of the parameters specified an area of memory not
                accessible to the calling process.

       ENOMEM   The operating system was unable to allocate internal memory
                to process the system call.

SEE ALSO
       dgsetoacl(2)

       Security Features User's Guide for C2 Trusted DG/UX System

































Licensed material--property of copyright holder(s)                         3


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026