Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ getacl(1) — DG/UX R4.11MU05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

setacl(1)

ls(1)

chmod(1)



getacl(1)                DG/UX B2 Security R4.12MU02               getacl(1)


NAME
       getacl - display access control list (ACL)

SYNOPSIS
       getacl [-d] [-alpqr] {-o objecttype [object ...]}|{object ...}

   where:
       objecttype  Object type of the specified objects.
       object       Name of file object whose ACL is to be displayed.

DESCRIPTION
       The getacl command displays the specified file object's ACL.  The ACL
       of an object specifies the object's discretionary access control
       permissions.  Directories may also have default ACLs.

   Options
       -a     Display ACLs for all files, including those beginning with a
              ".," when used with the -r option.

       -d     Display the default ACL of the specified directory file
              objects.  Only directory file objects can have default ACLs.
              Using -d on non-directory objects generates usage errors.

       -l     If target is a symbolic link, operate on the link.  The
              default behavior is to operate on the object referenced by the
              link.

       -o     Specify the type of the object arguments.  Using -o
              objecttype and omitting object causes getacl to uses the
              default object.  Values for objecttype, the objects
              associated with them, the specification format for the
              objects, and the default objects are listed below.

              Value  Object         Format            Default
              f      file           file name         Working directory (.)
              p      process        PID number        Invoking process ID (0)
              m      shared memory  shared memory ID  0
              s      semaphore      semaphore set ID  0
              q      message queue  message queue ID  0

              If you omit -o objecttype and specify objects, the default
              object type is f (file).

              Note that UNIX-domain sockets are file objects.

       -p     Display absolute path names of file objects.

       -q     Do not write diagnostic messages.  The usage error message is
              always written.

       -r     Recursively descend through directory file objects, displaying
              the ACL of each file object.

   Format of ACL
       The format of the ACL displayed by getacl is in the specific format
       required by the setacl command and is described in the setacl(1)
       online manual page.  Therefore, you can use the output of the getacl
       command (with only a single file object argument) to copy an ACL from
       one file object to one or more file objects.

       You can use the -I option of the setacl command to read the ACL from
       either a file or by directly piping the standard output of getacl
       into the standard input of setacl -I.

EXAMPLES
       Directory dirabc has two files in it; alpha and beta. The recursion
       option of the getacl command is used to list the ACLs of all files in
       the file tree rooted by dirabc.

       getacl -r dirabc
       # directory file: dir_abc
       # owner: abc_user
       # group: abc_group
       user::rwx
       group::r-x
       other::---

       # file: dir_abc/alpha
       # owner: alpha_user
       # group: alpha_group
       user::rw-
       mask::rw-
       user:b_user:-w-
       group::r--
       other::---

       # file: dir_abc/beta
       # owner: beta_user
       # group: beta_group
       user::rw-
       mask::rw-
       user:a_user:-w-
       group::r--
       other::---

       Note that this output could not be used as input to setacl -I because
       it contains more than a single ACL specification.

DIAGNOSTICS
       The getacl command writes all diagnostic messages to stderr.  The
       getacl command exits with one of the following values:

       0    Executed correctly and displayed the ACLs of all objects.

       1    Run on a system that does not support ACLs.

       2    Could not display the ACL of at least one object.

       3    Usage is incorrect.

SEE ALSO
       setacl(1), ls(1), chmod(1), dggetoacl(2), acllibrary(3).


Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026