Open System Services System Calls Reference Manual (G06.29+, H06.08+, J06.03+)
acl(5) OSS System Calls Reference Manual
-rwxr-xr-- james admin datafile
For this file:
• The owner is the user james.
• The group is admin.
• The name of the file is datafile.
• The file owner permissions are rwx.
• The file group permissions are r-x.
• The file other permissions are r--.
In an ACL, user and group IDs are represented by names or numbers, as found in the user
authentication database and group database for the system.
ACL Notation
Supported commands that manage ACLs recognize these symbolic representations:
[d[efault]:]u[ser]:[uid]:perm
[d[efault]:]g[roup]:[gid]:perm
[d[efault]:]c[lass]:perm
[d[efault]:]o[ther]:perm
An ACL entry prefixed with d: or default: can only occur in ACLs for directories. The prefix
indicates that the remainder of the entry is not to be used in determining the access rights to the
directory but is instead to be applied to any files or subdirectories created in the directory (see
"ACL Inheritance" later in this reference page).
The uid and gid fields contain either numeric user or group IDs, or their corresponding character
strings from the authentication database and group database for the system.
The perm field indicates access permission either in symbolic form, as a combination of r, w, x,
and - (dash), or in numeric form, as an octal value of 0 through 7 representing the sum of 4 for
read permission, 2 for write permission, and 1 for execute permission.
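
The notation above can be validated mechanically before an entry is handed to an ACL command. The parser below is an added example, not code from this manual or from OSS; the names AclEntry, parse_perm, and parse_entry are hypothetical, and it assumes the symbolic perm form may list r, w, x, and - in any order with no letter repeated.

```python
from typing import NamedTuple, Optional

# Short and long tags from the notation; d/default is handled separately.
TAGS = {"u": "user", "user": "user", "g": "group", "group": "group",
        "c": "class", "class": "class", "o": "other", "other": "other"}
BITS = {"r": 4, "w": 2, "x": 1, "-": 0}

class AclEntry(NamedTuple):
    default: bool             # True for entries prefixed with d: or default:
    kind: str                 # user, group, class, or other
    qualifier: Optional[str]  # uid or gid; None when the field is empty or absent
    perm: int                 # 0-7: sum of 4 (read), 2 (write), 1 (execute)

def parse_perm(text: str) -> int:
    # Numeric form: a single octal digit 0 through 7.
    if len(text) == 1 and text in "01234567":
        return int(text)
    letters = text.replace("-", "")
    bad = (not text or len(text) > 3 or set(text) - set(BITS)
           or len(set(letters)) != len(letters))
    if bad:
        raise ValueError(f"bad perm field: {text!r}")
    return sum(BITS[c] for c in letters)

def parse_entry(text: str, is_directory: bool = False) -> AclEntry:
    # is_directory is this example's own parameter: the caller states the object type.
    fields = text.split(":")
    default = fields[0] in ("d", "default")
    if default:
        if not is_directory:
            raise ValueError("default entries can only occur in directory ACLs")
        fields = fields[1:]
    if not fields or fields[0] not in TAGS:
        raise ValueError(f"unknown entry type in {text!r}")
    kind = TAGS[fields[0]]
    # user and group entries carry an id field (possibly empty); class and other do not.
    want = 3 if kind in ("user", "group") else 2
    if len(fields) != want:
        raise ValueError(f"{kind} entry needs {want} colon-separated fields: {text!r}")
    qualifier = (fields[1] or None) if want == 3 else None
    return AclEntry(default, kind, qualifier, parse_perm(fields[-1]))
```

Rejecting a default entry for a non-directory at parse time catches a malformed ACL specification before any command applies it.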
Types of ACL Entries
An ACL can contain several types of entries:
Base ACL Entries
The base ACL entries grant permissions equivalent to standard UNIX
permissions. When an ACL consists of the four base ACL entries only, it is
called a minimal ACL, and the permissions for the class and other ACL entries
are equal. The chmod() and acl() functions can change base ACL entries. Base
ACL entries are:
____________________________________________________________________________
Notation      Entry Type   Description
____________________________________________________________________________
user::perm    USER_OBJ     Permissions for the owner of the object
group::perm   GROUP_OBJ    Permissions for the owning group of the object
class:perm    CLASS_OBJ    The maximum permissions granted to the file group class
other:perm    OTHER_OBJ    Permissions for other users
____________________________________________________________________________
Class Entry
The class entry, which is one of the base ACL entries, acts as an upper bound
for file permissions. In an ACL that contains optional group entries or
optional user entries, the class entry specifies the maximum permissions that
can be granted to:
12−4 Hewlett-Packard Company 527186-023