Open System Services System Calls Reference Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

1411

acl(5) OSS System Calls Reference Manual

_____________________________________________________________________________________

Notation Entry Type Description

______________________________________________________________________________

default:user::perm DEF_USER_OBJ Default permissions for the object owner

Default permissions for additional users

speciﬁed by uid

default:user:uid:perm DEF_USER

Default permissions for members of the

owning group of the object

default:group::perm DEF_GROUP_OBJ

Default permissions for members of the

additional group speciﬁed by gid

default:group:gid:perm DEF_GROUP

Default maximum permissions granted to

the ﬁle group class

default:class:perm DEF_CLASS_OBJ

default:other:perm DEF_OTHER_OBJ Default permissions granted to other users

______________________________________________________________________________

These entries are sometimes referred to as base default ACL entries because the permissions for

these entries in the parent directory, modiﬁed by the ﬁle-creation mode, the umask, or both,

become the permissions for the base ACL entries for a new ﬁle when the new ﬁle inherits ACL

entries from the parent directory:

• default:user::perm (DEF_USER_OBJ)

• default:group::perm (DEF_GROUP_OBJ)

• default:class:perm (DEF_CLASS_OBJ)

• default:other:perm (DEF_OTHER_OBJ)

ACL Uniqueness

Entries are unique in each ACL. An ACL can contain only one of each type of base entry, and

one entry for any given user or group ID. Likewise, an ACL can contain only one of each type of

default base entry, and one default entry for any given user or group ID.

ACL Inheritance

The permissions, including access control list entries, if any, for a newly created ﬁle are deter-

mined by:

• Whether the ﬁleset of the created ﬁle supports OSS ACLs

• Whether the system on which the process is running supports OSS ACLs

• Whether the parent directory of the created ﬁle contains default ACL entries

• The ﬁle-creation mode (mode)

• The process umask (umask)

If the ﬁleset does not support OSS ACLs, the permissions of the created ﬁle are the mode

bitwise-ANDed with the complement of the umask.

If the ﬁleset supports OSS ACLs, but the system on which the process is running does not sup-

port OSS ACLs, and the parent directory for the created ﬁle does not have default ACL entries,

the permissions of the created ﬁle are the mode bitwise-ANDed with the complement of the

umask.

If the ﬁleset supports OSS ACLs, but the system on which the process is running does not sup-

port OSS ACLs, and the parent directory for the created ﬁle has default ACL entries:

• The permissions for the base ACL entries of the created ﬁle or directory are determined

by a combination of the ﬁle-creation mode and the default base ACL entries of the parent

directory as follows:

12−6 Hewlett-Packard Company 527186-023