Open System Services Shell and Utilities Reference Manual (G06.28+, H06.05+)
User Commands (s) setacl(1)
NAME
setacl - Modifies access control lists (ACLs) for files
SYNOPSIS
setacl [ -n ] -f acl_file file ...
setacl [ -n ] { -m | -d } acl_entries [{ -m | -d } acl_entries]... file ...
setacl [ -n ] -s acl_entries file ...
FLAGS
-n Normally, the setacl command recalculates the group class entry to ensure that
permissions specified in the additional ACL entries are actually granted, and the
value specified in the class entry is ignored. If you specify the -n flag, the recal-
culation is not performed, and the value specified in the class entry is used.
-s Sets the ACL for a file. All old ACL entries are removed and replaced with the
newly specified ACL. You must specify exactly one user entry for the owner of
the file, exactly one group entry for the owning group of the file, and exactly one
other entry. If you specify the -n flag, you must specify exactly one class entry
also. You can specify additional user ACL entries and additional group ACL
entries, but these entries must not duplicate user entries with the same user ID or
group entries with the same group ID.
-m Adds or modifies the specified ACL entry.
-d Deletes the specified entry from the ACL of the specified file.
-f Sets the ACL entries for file to the entries specified in acl_file.
You must specifiy one of the flags -s, -m, -d,or-f. If you specify -s or -f, other flags are invalid.
You can combine the -m and -d flags, and you can specify multiple -m and -d flags.
For a detailed description of the use of these flags, see DESCRIPTION.
DESCRIPTION
For each file specified, the setacl command either:
• Replaces the entire ACL.
• Adds, modifies, or deletes the specified ACL entries, including default entries for direc-
tories.
Only a user with a user ID equal to the super ID or file owner, or with a user ID or group
affiliation qualifying for membership in the Safeguard SECURITY-OSS-ADMINISTRATOR
group can use the setacl command to change the file access permissions for a file.
For the -m and -s flags, acl_entries are one or more comma-separated ACL entries selected from
the following list. For the -f flag, acl_file must contain ACL entries, one to a line, selected from
the same list. You can specify default ACL entries for directories only. Brackets denote optional
characters. Items formatted as a variable denote fields for you to enter. For example, u:uid:perm
becomes u:james:rwx. Choices, of which exactly one must be selected, are separated by verti-
cal bars.
u[ser]::operm|perm
u[ser]:uid:operm|perm
g[roup]::operm|perm
g[roup]:gid:operm|perm
c[lass]:operm|perm
o[ther]:operm|perm
d[efault]:u[ser]::operm|perm
527188-007 Hewlett-Packard Company 8−11