acl - Access Control Lists
This desciption is for Access Control Lists (ACLs) as supported on XFS file systems.
ACLs provide a mechanism for finer grained access control than the traditional UNIX discretionary access control mechanism. An ACL is a list of users and/or groups and their access rights, which is associated with a file or directory. ACLs are optional. In addition to the ACL used to mediate access, a directory may have a second ACL which defines the default initial ACL for files created in that directory. Files have only the single access control ACL.
At the interface to the library routines, ACLs are represented in a struct acl which is defined in <acl/acl.h>.
|
#define ACL_MAX_ENTRIES 25 |
|
typedef ushort acl_perm_t; |
|
struct acl_entry { struct acl { |
This is a fixed size structure with a variable number of active struct acl_entry entries. The maximum number of entries is ACL_MAX_ENTRIES which is currently defined to be 25. The number of active entries is indicated in acl_cnt.
A struct acl_entry consists of three fields, ae_tag, which identifies the type of the entry, and is one of the following values (all other values are invalid):
ACL_USER_OBJ (0x01)
|
access permissions for the file's owner. |
ACL_USER (0x02)
|
access permissions for a user other than the owner. |
ACL_GROUP_OBJ (0x04)
|
access permissions for users with the same group as the file's group |
ACL_GROUP (0x08)
|
access permissions for other groups |
ACL_MASK (0x10)
|
mask entry |
ACL_OTHER_OBJ (0x20)
|
other entry. |
|
The ae_id field of struct acl_entry specifies the UID or GID for the entry. The ae_perm field specifies the permissions using the following defined values: |
ACL_READ (0x04)
|
read access permitted |
ACL_WRITE (0x02)
|
write access permitted |
ACL_EXECUTE (0x01)
|
execute (search for directories) access permitted |
As with the basic permissions for a file, these may be or'ed together.
Two types of ACLs are defined. ACL_TYPE_ACCESS (0) indicates that the ACL is to be used in making access control decisions for the file or directory with which it is associated. ACL_TYPE_DEFAULT (1) indicates that the ACL is a default ACL. Default ACLs are associated only with directories, and supply the initial ACL for a file created in that directory. Note that filecreation mode masks may effect the ACLs of files created as a result of using directory default ACLs (see umask(1)). ACLs are supplied using the acl_get_file(3c) and acl_set_file(3c) calls.
ACLs are represented in a standard format for human readable input / output. Each ACL entry is specified as three colon separated fields. ACL entries are separated by white space or new lines. Everything after a "#" character is considered a comment and is ignored to the end of the line. The first field of an ACL entry is the entry type, which can be one of the following: "user", "group", "other", "mask", "u", "g", "o", "m".
The second field is a user name, numeric UID, group name, or numeric GID, depending on the value of the first field. (acl_from_text(3c) supports only the strings, not the numeric UID/GID values.) If the second field is empty, it implies that the ACL entry is for the owning user or group of the file. Mask and other entries must have an empty second field. The third field is the discretionary access permissions for this ACL entry. This may be represented in two forms. The first is the string "rwx" where each letter may be replaced by a "" indicating no access of that type. The parsing of this string by acl_from_text(3c) requires that it be exactly as shown and not be reordered, e.g. rxw is not valid.
Some programs allow a second form, the relative symbolic form (used for input). The relative symbolic form is preceded by a ``+'' to indicate additional access or a ``^'' to indicate that access is to be removed, similarly to the inputs to the chmod(1) command. The relative symbolic string is at least one character. The symbolic string contains at most one each of the following characters in any order: "r", "w", and "x".