Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ acl_clear(3T) — DG/UX 5.4.2T

Media Vault

Software Library

Restoration Projects

Artifacts Sought



acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


NAME
       acllibrary: acladdperm, aclalloc, aclcalcmask, aclcopyentry,
       aclcreateentry, acldeleteentry, acldeleteperm, aclfree,
       aclgetentry, aclgetperm, aclgettag, acltoexport,
       aclpackagesize, aclread, aclrewind, aclsetperm, aclsettag,
       aclfromexport, aclvalid, aclwrite, aclallocated,
       aclinternalcopy, aclclear, aclentryvalid, aclorder,
       aclnocalcmask, aclinternalclear, aclinternalfree, aclprintf,
       aclfprintf, aclgettext, aclreadject, aclwriteject - acl
       routines in libtrust.a

SYNOPSIS
       /*
        *    The following functions are modelled after the POSIX 1003.6 Draft
        *    ballot functions of the same name.
        */

       #include <sys/acl.h>

       int     acladdperm (aclentryt               entryd,
                             aclpermsett             perms)

       int     aclalloc (aclt                        *acldp)

       int     aclcalcmask (aclt                    acld)

       int     aclcopyentry (aclentryt             srcd,
                               aclentryt             destd)

       int     aclcreateentry (aclt                 acld,
                                 aclentryt           *entrydp)

       int     acldeleteentry (aclentryt           entrydp)

       int     acldeleteperm (aclentryt            entrydp,
                                aclpermsett          perms)

       int     aclfree (aclt                         acld)

       int     aclgetentry (aclt                    acld,
                              aclentryt              *entrydp)

       int     aclgetperm (aclentryt               entryd,
                             aclpermsett             *perms)

       int     aclgettag (aclentryt                entryd,
                            acltagt                  *tagtype,
                            void                       *tagqualifier)

       ssizet acltoexport (aclt                    acld,
                              char                     *buf,
                              ssizet                  buflen,
                              aclpackagetypet       packtype)




Licensed material--property of copyright holder(s)                         1




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       ssizet aclpackagesize (aclt                 acld,
                                 aclpackagetypet    packtype)

       int     aclread (char                          *path,
                         acltypet                    type,
                         aclt                         acld)

       int     aclrewind (aclt                       acld)

       int     aclsetperm (aclentryt               entryd,
                             aclpermsett             perms)

       int     aclsettag (aclentryt                entryd,
                            acltagt                  tagtype,
                            void                       *tagqualifier)

       int     aclfromexport (char                   *buf,
                                aclpackagetypet     packtype,
                                aclt                  acld)

       int     aclvalid (aclt                        acld,
                          acltypet                   type,
                          aclentryt                  *entrydp)

       int     aclwrite (char                         *path,
                          acltypet                   type,
                          aclt                        acld)

       /*
        *   The following functions are unique to the Trusted DG/UX system, and
        *   may not be portable to other systems.
        */

       #include <acl.h>

       int     aclallocated (aclt                    acld)

       int     aclinternalcopy (aclt                src,
                                  aclt                dest)

       int     aclclear (aclt                        acld)

       int     aclentryvalid (aclentryt            entryd)

       void    aclorder (aclt                        acld)

       int     aclnocalcmask (aclt                 acld)

       int     aclinternalclear (aclt               acld)

       int     aclinternalfree (aclt                *acldp)

       int     aclprintf (jectjecttype              jecttype,
                           int                         targtype,



Licensed material--property of copyright holder(s)                         2




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


                           const void                  *targ,
                           int                         acltype,
                           secobjectenumtype        objtype,
                           aclt                       acld,
                           int                         flags,
                           aclpermsett               *maskptr)

       int     aclfprintf (FILE                       *file,
                            jectjecttype             jecttype,
                            int                        targtype,
                            const void                 *targ,
                            int                        acltype,
                            secobjectenumtype       objtype,
                            aclt                      acld,
                            int                        flags,
                            aclpermsett              *maskptr)

       char    *aclgettext (jectjecttype                   jecttype,
                              int                              targtype,
                              const void                       *targ,
                              int                              acltype,
                              secobjectenumtype             objtype,
                              aclt                            acld,
                              int                              *lenptr,
                              int                              flags,
                              aclpermsett                    *maskptr)

       int     aclreadject (jectjecttype                   jecttype,
                              int                              targtype,
                              const void                       *targ,
                              int                              acltype,
                              aclt                            acld,
                              int                              flags)

       int     aclwriteject (jectjecttype                  jecttype,
                               int                             targtype,
                               const void                      *targ,
                               int                             acltype,
                               aclt                           acld,
                               int                             flags)



DESCRIPTION
       The functions in acllibrary provide support for dealing with Trusted
       DG/UX access control lists.  These functions may be found in
       libtrust.a.  Some of these functions need functions found in
       libdgc.a.

       The functions return 0 on success and -1 on failure unless otherwise
       noted.


       int     acladdperm (aclentryt               entryd,



Licensed material--property of copyright holder(s)                         3




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


                             aclpermsett             perms)


       The addaclperm() function adds the set of permissions found in
       perms to the ACL entry refered to by argument entryd.  Any
       permissions the ACL entry had prior to the call are left unchanged.
       Adding a permission that is already granted by the entry is not an
       error.  This function is modelled after the proposed POSIX 1003.6
       Draft standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.

       EINVAL  perms contains values not defined in aclpermsett.


       int     aclalloc (aclt                        *acldp)


       The aclalloc() function allocates and initializes a temporary area
       in which an ACL may be manipulated.  acldp is set to reference the
       created area.  This function is modelled after the proposed POSIX
       1003.6 Draft standard interface of the same name.

       Errors:

       ENOMEM  Could not allocate the memory for the aclt object.

       EINVAL  *acldp is not a valid pointer.


       int     aclcalcmask (aclt                    acld)


       The aclcalcmask() function calculates and sets the ACL_MASK_OBJ ACL
       entry for the ACL indicated by acld.  The value of ACL_MASK_OBJ is
       the union of the permissions of all ACL entries that refer to members
       of the File Group Class (i.e., ACL_GROUP_OBJ, ACL_USER, ACL_GROUP).
       The value of ACL_MASK_OBJ is identical to the file group class
       permission bits as displayed by the ls -l command.  If the ACL acld
       already contains an ACL_MASK_OBJ, its permissions are overwritten;
       if it does not contain an ACL_MASK_OBJ, one is added.  This function
       is modelled after the proposed POSIX 1003.6 Draft standard interface
       of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       ENOMEM  Can't allocate the memory required for an ACL entry.


       int     aclcopyentry (aclentryt             srcd,



Licensed material--property of copyright holder(s)                         4




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


                               aclentryt             destd)


       The aclcopyentry() function copies the contents of the ACL entry
       srcd to the ACL entry destd.  srcd and destd may refer to entries
       in different aclt structures.  The previous contents of the ACL
       entry destd are overwritten.  This function is modelled after the
       proposed POSIX 1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  srcd or destd does not refer to a valid ACL entry.


       int     aclcreateentry (aclt                 acld,
                                 aclentryt           *entrydp)


       The aclcreateentry() function creates a new ACL entry in the ACL
       indicated by acld.  If there is insufficient space in the ACL for
       creating a new entry, then additional memory is allocated.  The
       descriptor for this new ACL entry is returned in entrydp.  The
       components of the new ACL entry are initialized so that the ACL tag
       type and qualifier are invalid, and the set of permissions is empty.
       Use aclsettag() to set the tag and qualifier and aclsetperm() to
       set the permissions on the newly created entry.  This function is
       modelled after the proposed POSIX 1003.6 Draft standard interface of
       the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       ENOMEM  The ACL working storage requires more memory than the system
               is able to provide.


       int     acldeleteentry (aclentryt           entryd)


       The acldeleteentry() function removes the ACL entry entryd from
       the ACL that contains it.  entryd and any other ACL entry
       descriptors that refer to the same ACL entry are undefined after this
       function.  This function is modelled after the proposed POSIX 1003.6
       Draft standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.


       int     acldeleteperm (aclentryt            entrydp,
                                aclpermsett          perms)




Licensed material--property of copyright holder(s)                         5




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       The acldeleteperm() function deletes the set of permissions
       contained in perms from the ACL entry entryd.  Any permissions the
       ACL entry had prior to the call to acldeleteperm() not specified in
       perms are left unchanged.  The acldeleteperm() function does not
       return an error if the ACL entry does not have any of the specified
       permissions.  This function is modelled after the proposed POSIX
       1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.

       EINVAL  perms contains values not defined in aclpermsett.


       int     aclfree (aclt                         acld)


       The aclfree() function releases the working storage associated with
       acld.  Any existing ACL entry descriptions that refer to entries in
       the ACL become undefined.  Note that this function does not set the
       pointer acld to NULL.  This function is modelled after the proposed
       POSIX 1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  acld does refer to an ACL allocated by aclalloc().


       int     aclgetentry (aclt                    acld,
                              aclentryt              *entrydp)


       The aclgetentry() function obtains a descriptor to the next ACL
       entry of acld.  entrydp is set to point to this ACL entry.  acld
       must refer to an ACL that was previously opened via a call to
       aclalloc().

       The first call to aclgetentry() following a call to aclread(),
       aclrewind() or aclfromexport() obtains the first ACL entry in the
       ACL, as ordered by the system.  Subsequent calls to aclgetentry()
       obtain successive ACL entries, until the last entry is obtained.
       After the last entry has been obtained, the value 0 is returned.
       Calls to aclgetentry() do not modify any ACL entry or the ACL on
       the object from which it may have been obtained in any way.
       Subsequent operations using the returned ACL entry descriptor operate
       on the ACL entry within the ACL in working storage (and do not modify
       the ACL on the object from which it may have been obtained).  This
       function is modelled after the proposed POSIX 1003.6 Draft standard
       interface of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().



Licensed material--property of copyright holder(s)                         6




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       int     aclgetperm (aclentryt               entryd,
                             aclpermsett             *perms)


       The aclgetperm() function retrieves the permissions from the ACL
       entry entryd and returns them in perms.  Any permissions the ACL
       entry has prior to the call to aclgetperm() are left unchanged.
       This function is modelled after the proposed POSIX 1003.6 Draft
       standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.


       int     aclgettag (aclentryt                entryd,
                            acltagt                  *tagtype,
                            void                       *tagqualifier)


       The aclgettag() function returns the tag type and qualifier of the
       tag for the ACL entry entryd.  Upon successful completion, the
       location referred to by tagtype is set to the tag type of the ACL
       entry.  The location referred to by tagqualifier is set to the
       qualifier data contained within the ACL entry.  If the returned value
       of a tag type is (acltagt) ACL_USER, the type of tagqualifier is
       uidt.  If tagtype is (acltagt) ACL_GROUP, the tag type of
       tagqualifier is gidt.  If tagtype is ACL_USER_OBJ, ACL_GROUP_OBJ,
       ACL_OTHER_OBJ, or ACL_MASK_OBJ, the returned value of tagqualifier
       is undefined.  This function is modelled after the proposed POSIX
       1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to valid ACL entry.


       ssizet acltoexport (aclt                    acld,
                              char                     *buf,
                              ssizet                  buflen,
                              aclpackagetypet       packtype)


       The acltoexport() function translates the ACL in working storage
       (acld) into the memory referred to by buf in an exportable text
       package as specified by packtype.  The acltoexport() function will
       only package up to buflen bytes.

       packtype may be one of the following values defined in <sys/acl.h>:

       ACL_TEXT_PACKAGE  The ACL format as output by the getacl(1) command.
                         This function is modelled after the proposed POSIX





Licensed material--property of copyright holder(s)                         7




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


                         1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       EINVAL  packtype is not a valid package type.

       ENOMEM  The space referred to by buf and buflen is not sufficient to
               store the translated ACL.


       ssizet aclpackagesize (aclt                 acld,
                                 aclpackagetypet    packtype)


       The aclpackagesize() function determines the number of bytes
       necessary to represent the exportable data or text package as
       specified by packtype, for the ACL in working storage specified by
       acld.  This function is modelled after the proposed POSIX 1003.6
       Draft standard interface of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       EINVAL  packtype is not a valid package type.


       int     aclread (char                          *path,
                         acltypet                    type,
                         aclt                         acld)


       The aclread() function reads an object's access or default ACL into
       the working storage referred to by acld.  Any ACL already in the
       working storage is overwritten.  If there is insufficient space in
       acld to perform the operation, then additional memory is allocated.
       path points to a pathname naming the file object.  type is used to
       indicate the whether the access or default ACL is to be read.  type
       may be either ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT.

       The ACL in working storage is independent of the ACL on the file
       object.  The ACL in working storage does not participate in any
       access control decision.  This function is modelled after the
       proposed POSIX 1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL        acld does not refer to an ACL allocated by
                     aclalloc().

       EINVAL        type is neither ACL_TYPE_ACCESS nor ACL_TYPE_DEFAULT.




Licensed material--property of copyright holder(s)                         8




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       ENOMEM        The ACL working storage requires more memory than the
                     system is able to provide.

       EACCES        Search permission is denied on a component of the path
                     prefix.

       EACCES        Attribute read access to the file object is denied.

       ENAMETOOLONG  The length of path exceeds {PATH_MAX}, or a pathname
                     component is longer than {NAME_MAX} while
                     {POSIX_NO_TRUNC} is in effect.

       ENOTDIR       A component of the path prefix is not a directory.

       ENOTDIR       type is ACL_TYPE_DEFAULT and path does not refer to a
                     directory.

       ENOENT        The named file object does not exist or path points to
                     an empty string.


       int     aclrewind (aclt                       acld)


       The aclrewind() function sets the internal descriptor for acld such
       that a subsequent call to aclgetentry() using the same acld will
       obtain the first entry in the ACL.  This function is modelled after
       the proposed POSIX 1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().


       int     aclsetperm (aclentryt               entryd,
                             aclpermsett             perms)


       The aclsetperm() function sets the permissions of the ACL entry
       entryd to the permissions contained in perms.  The permissions of
       the ACL entry prior to the call to aclsetperm() are replaced.  This
       function is modelled after the proposed POSIX 1003.6 Draft standard
       interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.

       EINVAL  perms contains values not defined in aclpermsett.


       int     aclsettag (aclentryt                entryd,
                            acltagt                  tagtype,
                            void                       *tagqualifier)



Licensed material--property of copyright holder(s)                         9




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       The aclsettag() function sets the tag type of an ACL entry to the
       tag type in tagtype with a qualifier as specified by tagqualifier.
       If the tag type is ACL_USER_OBJ, ACL_GROUP_OBJ, ACL_OTHER_OBJ, or
       ACL_MASK_OBJ the tagqualifier may be passed as a value of NULL.
       This function is modelled after the proposed POSIX 1003.6 Draft
       standard interface of the same name.

       Errors:

       EINVAL  entryd does not refer to a valid ACL entry.

       EINVAL  tagtype is not a valid tag type.


       int     aclfromexport (char                   *buf,
                                aclpackagetypet     packtype,
                                aclt                  acld)

       The aclfromexport() function translates the exportable text or data
       package referred to by buf into the ACL working storage referred to
       by acld.  Any ACL in the working storage is overwritten.  If there
       is insufficient space in the acld working storage for translating
       the ACL, then additional memory is allocated.

       packtype may be one of the following values defined in <sys/acl.h>:

       ACL_TEXT_PACKAGE  The ACL format as output by the getacl(1) command.

       Any ACL entry descriptors that previously referred to entries within
       acld become undefined.  This function is modelled after the proposed
       POSIX 1003.6 Draft standard interface of the same name.

       Errors:

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       EINVAL  packtype is not a valid package type.

       ENOMEM  The ACL working storage requires more memory than the system
               is able to provide.


       int     aclvalid (aclt                        acld,
                          acltypet                   type,
                          aclentryt                  *entrydp)


       The aclvalid() function checks the access ACL or the default ACL
       referred to by acld for validity.  The three required entries
       ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER_OBJ must exist exactly once
       in an access ACL.  If an access ACL contains four or more entries,
       then the ACL_MASK_OBJ entry must exist exactly once.  The qualifier
       field must be unique among entries of the same tag type.  A default
       ACL may have zero entries, but if it does have entries they must



Licensed material--property of copyright holder(s)                        10




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       follow the same rules as entries in an access ACL.  This function is
       modelled after the proposed POSIX 1003.6 Draft standard interface of
       the same name.

       Errors:

       If any of the following conditions occur, the aclvalid() function
       sets the location referred to by entrydp to the ACL entry in error.

       EINVAL  The ACL contains entries that are not unique.

       If any of the following conditions occur, the aclvalid() function
       sets the location referred to by entrydp to NULL.

       EINVAL  acld does not refer to an ACL allocated by aclalloc().

       EINVAL  One or more of the required entries is not present.


       int     aclwrite (char                         *path,
                          acltypet                   type,
                          aclt                        acld)


       The aclwrite() function associates an ACL with a file object, or
       deletes a default ACL from a directory.  path points to the pathname
       of the file object. type indicates whether an access or default ACL
       is being written.  type may be either ACL_TYPE_ACCESS or
       ACL_TYPE_DEFAULT.

       The entries in the ACL may have been obtained via a call to the
       aclread() function, newly created via calls to the
       aclcreateentry() function, or by translating text defining an ACL
       with aclfromexport().  The argument path specified in the
       aclwrite() call is not necessarily the same as the argument path
       specified in the aclread() call.  The ACL may be otherwise
       manipulated by the various ACL functions.

       A default ACL may be removed from a directory by writing an ACL
       containing zero entries to that directory, i.e., an ACL created by
       aclalloc().

       The aclwrite() function will succeed only if the ACL is valid as
       defined by the aclvalid() function.

       Upon successful completion, aclwrite() sets the specified file
       object's access ACL or default ACL (whichever is being written) to
       that contained in acld. The file object's previous access or default
       ACL is no longer in effect.  No intermediate state will exist where
       the previous ACL and the new ACL, or the previous default ACL and the
       new default ACL, coexist in whole or in part.  This call may result
       in changes to the file's permission bits.  If aclwrite() is
       unsuccessful, neither the access ACL nor the default ACL of path will
       be changed.  This function is modelled after the proposed POSIX



Licensed material--property of copyright holder(s)                        11




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       1003.6 Draft standard interface of the same name.

       Errors:

       EACCES       Search permission is denied on a component of the path
                    prefix.

       EACCES       Attribute write access to path is denied.

       NAMETOOLONG  The length of path exceeds {PATH_MAX}, or a pathname
                    component is longer than {NAME_MAX} while
                    {POSIX_NO_TRUNC} is in effect.

       ENOTDIR      A component of the path prefix is not a directory.

       ENOTDIR      type is ACL_TYPE_DEFAULT and path does not refer to a
                    directory.

       ENOENT       The named file object does not exist or path points to
                    an empty string.

       EINVAL       acld does not refer to an ACL allocated by aclalloc()
                    or contains other errors.  Use aclvalid() to determine
                    what errors are in the ACL.

       EINVAL       type is neither ACL_TYPE_ACCESS nor ACL_TYPE_DEFAULT.

       EPERM        The effective UID of the process does not match the
                    owner of the file object and the process does not have
                    appropriate privilege to write the ACL.

       ENOSPC       There was not enough space to store the entire ACL from
                    the working storage during the write of the ACL.

       ENOSPC       {_POSIX_ACL_PRESENT} is not in effect for path and the
                    ACL contains more than the three base entries
                    (ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER_OBJ).

       EROFS        The named file object resides on a read-only file
                    system.


       int     aclallocated (aclt                    acld)


       The aclallocated() function ensures that acld is a valid aclt
       structure as returned by the aclalloc() function.  This function is
       unique to the Trusted DG/UX system, and may not be portable to other
       systems.

       Errors:

       EINVAL  acld is not of a form as allocated by aclalloc().




Licensed material--property of copyright holder(s)                        12




acl_library(3T)            C2 Trusted DG/UX 5.4.2T           acl_library(3T)


       int     aclinternalcopy (aclt                src,
                                  aclt                dest)


       The aclinternalcopy() function copies the ACL referenced by src
       into the ACL working storage referenced by dest.  If there is
       insufficient space in dest to perform the operation, then additional
       memory is allocated.  Any ACL previously in dest is overwritten.
       This function is unique to the Trusted DG/UX system, and may not be
       portable to other systems.

       Errors:

       EINVAL  src or dest is not a valid acld as allocated by aclalloc().

       EINVAL  src and dest do not have the same structure revision number.

       ENOMEM  The ACL working storage requires more memory than the system
               is able to provide.






































Licensed material--property of copyright holder(s)                        13


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026