Open System Services System Calls Reference Manual (G06.28+, H06.05+)
acl(5) OSS System Calls Reference Manual
ACL Uniqueness
Entries are unique in each ACL. An ACL can contain only one of each type of base entry, and
one entry for any given user or group ID. Likewise, an ACL can contain only one of each type of
default base entry, and one default entry for any given user or group ID.
ACL Inheritance
The permissions, including access control list entries, if any, for a newly created file are deter-
mined by:
• Whether the fileset of the created file supports OSS ACLs
• Whether the system on which the process is running supports OSS ACLs
• Whether the parent directory of the created file contains default ACL entries
• The file-creation mode (mode)
• The process umask (umask)
If the fileset does not support OSS ACLs, the permissions of the created file are the mode
bitwise-ANDed with the complement of the umask.
If the fileset supports OSS ACLs, but the system on which the process is running does not sup-
port OSS ACLs, and the parent directory for the created file does not have default ACL entries,
the permissions of the created file are the mode bitwise-ANDed with the complement of the
umask.
If the fileset supports OSS ACLs, but the system on which the process is running does not sup-
port OSS ACLs, and the parent directory for the created file has default ACL entries:
• The permissions for the base ACL entries of the created file or directory are determined
by a combination of the file-creation mode and the default base ACL entries of the parent
directory as follows:
USER_OBJ permissions
The DEF_USER_OBJ permissions bitwise-ANDed with the mode user
permissions bitwise-ANDed with the complement of the umask user
permissions.
GROUP_OBJ permissions
The DEF_GROUP_OBJ permissions
CLASS_OBJ permissions
The DEF_CLASS_OBJ permissions bitwise-ANDed with the mode
group permissions bitwise-ANDed with the complement of the umask
group permissions
OTHER_OBJ permissions
The DEF_OTHER_OBJ permissions bitwise-ANDed with the mode
other permissions bitwise-ANDed with the complement of the umask
other permissions
• The default optional ACL entries for the parent directory of the created file are added to
the ACL of the created file as actual (nondefault) optional ACL entries.
• If the created file is a directory, all of the default ACL entries of the parent directory are
added to the ACL of the new directory. This behavior allows ACL entries to be inherited
by files and directories created under this new directory.
12−6 Hewlett-Packard Company 527186-007