1 ACLTOTEXT(3SEC)      File Access Control Library Functions     ACLTOTEXT(3SEC)
   2 
   3 
   4 
   5 NAME
   6        acltotext, aclfromtext - convert internal representation to or from
   7        external representation
   8 
   9 SYNOPSIS
  10        cc [ flag... ] file... -lsec [ library... ]
  11        #include <sys/acl.h>
  12 
  13        char *acltotext(aclent_t *aclbufp, int aclcnt);
  14 
  15 
  16        aclent_t *aclfromtext(char *acltextp, int *aclcnt);
  17 
  18 
  19 DESCRIPTION
  20        The acltotext() function converts an internal ACL representation
  21        pointed to by aclbufp into an external ACL representation. The space
  22        for the external text string is obtained using malloc(3C). The caller
  23        is responsible for freeing the space upon completion.
  24 
  25 
  26        The aclfromtext() function converts an external ACL representation
  27        pointed to by acltextp into an internal ACL representation.  The space
  28        for the list of ACL entries is obtained using malloc(3C). The caller is
  29        responsible for freeing the space upon completion. The aclcnt argument
  30        indicates the number of ACL entries found.
  31 
  32 
  33        An external ACL representation is defined as follows:
  34 
  35 
  36        <acl_entry>[,<acl_entry>]...
  37 
  38 
  39        Each <acl_entry>   contains one ACL entry. The external representation of
  40        an ACL entry contains two or three colon-separated fields. The first
  41        field contains the ACL entry tag type. The entry type keywords are
  42        defined as:
  43 
  44        user
  45                         This ACL entry with no UID specified in the ACL entry
  46                         ID field specifies the access granted to the owner of
  47                         the object.  Otherwise, this ACL entry specifies the
  48                         access granted to a specific user-name or user-id
  49                         number.
  50 
  51 
  52        group
  53                         This ACL entry with no GID specified in the ACL entry
  54                         ID field specifies the access granted to the owning
  55                         group of the object.  Otherwise, this ACL entry
  56                         specifies the access granted to a specific group-name
  57                         or group-id number.
  58 
  59 
  60        other
  61                         This ACL entry specifies the access granted to any
  62                         user or group that does not match any other ACL entry.
  63 
  64 
  65        mask
  66                         This ACL entry specifies the maximum access granted to
  67                         user or group entries.
  68 
  69 
  70        default:user
  71                         This ACL entry with no uid specified in the ACL entry
  72                         ID field specifies the default access granted to the
  73                         owner of the object.  Otherwise, this ACL entry
  74                         specifies the default access granted to a specific
  75                         user-name or user-ID number.
  76 
  77 
  78        default:group
  79                         This ACL entry with no gid specified in the ACL entry
  80                         ID field specifies the default access granted to the
  81                         owning group of the object.  Otherwise, this ACL entry
  82                         specifies the default access granted to a specific
  83                         group-name or group-ID number.
  84 
  85 
  86        default:other
  87                         This ACL entry specifies the default access for other
  88                         entry.
  89 
  90 
  91        default:mask
  92                         This ACL entry specifies the default access for mask
  93                         entry.
  94 
  95 
  96 
  97        The second field contains the ACL entry ID, as follows:
  98 
  99        uid
 100                 This field specifies a user-name, or user-ID if there is no
 101                 user-name associated with the user-ID number.
 102 
 103 
 104        gid
 105                 This field specifies a group-name, or group-ID if there is no
 106                 group-name associated with the group-ID number.
 107 
 108 
 109        empty
 110                 This field is used by the user and group ACL entry types.
 111 
 112 
 113 
 114        The third field contains the following symbolic discretionary access
 115        permissions:
 116 
 117        r
 118                 read permission
 119 
 120 
 121        w
 122                 write permission
 123 
 124 
 125        x
 126                 execute/search permission
 127 
 128 
 129        -
 130                 no access
 131 
 132 
 133 RETURN VALUES
 134        Upon successful completion, the acltotext() function returns a pointer
 135        to a text string. Otherwise, it returns NULL.
 136 
 137 
 138        Upon successful completion, the aclfromtext() function returns a
 139        pointer to a list of ACL entries. Otherwise, it returns NULL.
 140 
 141 ATTRIBUTES
 142        See attributes(5) for descriptions of the following attributes:
 143 
 144 
 145 
 146 
 147        +--------------------+-----------------+
 148        |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
 149        +--------------------+-----------------+
 150        |Interface Stability | Evolving        |
 151        +--------------------+-----------------+
 152        |MT-Level            | Unsafe          |
 153        +--------------------+-----------------+
 154 
 155 SEE ALSO
 156        acl(2), malloc(3C), attributes(5)
 157 
 158 
 159 
 160                                December 10, 2001               ACLTOTEXT(3SEC)