.\" Access Control Lists manual pages
.\"
.\" (C) 2002 Andreas Gruenbacher, <a.gruenbacher@bestbits.at>
.\"
.\" This is free documentation; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation; either version 2 of
.\" the License, or (at your option) any later version.
.\"
.\" The GNU General Public License's references to "object code"
.\" and "executables" are to be interpreted as the output of any
.\" document formatting or typesetting system, including
.\" intermediate and printed output.
.\"
.\" This manual is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public
.\" License along with this manual. If not, see
.\" <http://www.gnu.org/licenses/>.
.\"
.Dd March 23, 2002
.Dt ACL 5
.Os "Linux ACL"
.Sh NAME
.Nm acl
.Nd Access Control Lists
.Sh DESCRIPTION
This manual page describes POSIX Access Control Lists, which are used to
define more fine-grained discretionary access rights for files and
directories.
.Sh ACL TYPES
Every object can be thought of as having associated with it an ACL that
governs the discretionary access to that object; this ACL is referred to
as an access ACL. In addition, a directory may have an associated ACL
that governs the initial access ACL for objects created within that
directory; this ACL is referred to as a default ACL.
.Sh ACL ENTRIES
An ACL consists of a set of ACL entries. An ACL entry specifies the
access permissions on the associated object for an individual user or a
group of users as a combination of read, write and search/execute
permissions.
.Pp
An ACL entry contains an entry tag type, an optional entry tag
qualifier, and a set of permissions.
We use the term qualifier to denote the entry tag qualifier of an ACL entry.
.Pp
The qualifier denotes the identifier of a user or a group, for entries
with tag types of ACL_USER or ACL_GROUP, respectively. Entries with tag
types other than ACL_USER or ACL_GROUP have no defined qualifiers.
.Pp
The following entry tag types are defined:
.Bl -tag -offset indent -width ACL_GROUP_OBJ.
.It ACL_USER_OBJ
The ACL_USER_OBJ entry denotes access rights for the file owner.
.It ACL_USER
ACL_USER entries denote access rights for users identified by
the entry's qualifier.
.It ACL_GROUP_OBJ
The ACL_GROUP_OBJ entry denotes access rights for the file group.
.It ACL_GROUP
ACL_GROUP entries denote access rights for groups identified by
the entry's qualifier.
.It ACL_MASK
The ACL_MASK entry denotes the maximum access rights that can be granted
by entries of type ACL_USER, ACL_GROUP_OBJ, or ACL_GROUP.
.It ACL_OTHER
The ACL_OTHER entry denotes access rights for processes
that do not match any other entry in the ACL.
.El
.Pp
When an access check is performed, the ACL_USER_OBJ and ACL_USER entries
are tested against the effective user ID. The effective group ID, as
well as all supplementary group IDs are tested against the ACL_GROUP_OBJ
and ACL_GROUP entries.
.Sh VALID ACLs
A valid ACL contains exactly one entry with each of the ACL_USER_OBJ,
ACL_GROUP_OBJ, and ACL_OTHER tag types. Entries with ACL_USER and
ACL_GROUP tag types may appear zero or more times in an ACL. An ACL that
contains entries of ACL_USER or ACL_GROUP tag types must contain
exactly one entry of the ACL_MASK tag type. If an ACL contains no
entries of ACL_USER or ACL_GROUP tag types, the ACL_MASK entry is
optional.
.Pp
All user ID qualifiers must be unique among all entries of
ACL_USER tag type, and all group IDs must be unique among all entries of
ACL_GROUP tag type.
.\"minimal vs. extended ACLs
.Pp
The
.Fn acl_get_file
function returns an ACL with zero ACL entries as the default ACL of a
directory, if the directory is not associated with a default ACL. The
.Fn acl_set_file
function also accepts an ACL with zero ACL entries as a valid default ACL for
directories, denoting that the directory shall not be associated with a
default ACL. This is equivalent to using the
.Fn acl_delete_def_file
function.
.Sh CORRESPONDENCE BETWEEN ACL ENTRIES AND FILE PERMISSION BITS
The permissions defined by ACLs are a superset of the permissions
specified by the file permission bits.
.Pp
There is a correspondence between the file owner, group, and other
permissions and specific ACL entries: the owner permissions correspond
to the permissions of the ACL_USER_OBJ entry. If the ACL has an ACL_MASK
entry, the group permissions correspond to the permissions of the
ACL_MASK entry. Otherwise, if the ACL has no ACL_MASK entry, the group
permissions correspond to the permissions of the ACL_GROUP_OBJ entry.
The other permissions correspond to the permissions of the ACL_OTHER
entry.
.Pp
The file owner, group, and other permissions always match the
permissions of the corresponding ACL entry. Modification of the file
permission bits results in the modification of the associated ACL
entries, and modification of these ACL entries results in the
modification of the file permission bits.
.Sh OBJECT CREATION AND DEFAULT ACLs
The access ACL of a file object is initialized when the object is
created with any of the
.Fn creat ,
.Fn mkdir ,
.Fn mknod ,
.Fn mkfifo ,
or
.Fn open
functions. If a default ACL is associated with a directory, the
.Va mode
parameter to the functions creating file objects and the default ACL of
the directory are used to determine the ACL of the new object:
.Bl -enum
.It
The new object inherits the default ACL of the containing directory
as its access ACL.
.It
The access ACL entries corresponding to the file permission bits are
modified so that they contain no permissions that are not
contained in the permissions specified by the
.Va mode
parameter.
.El
.Pp
If no default ACL is associated with a directory, the
.Va mode
parameter to the functions creating file objects and the file creation
mask (see
.Xr umask 2 )
are used to determine the ACL of the new object:
.Bl -enum
.It
The new object is assigned an access ACL containing entries of tag types
ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER. The permissions of these
entries are set to the permissions that the file creation mask leaves
enabled (those whose bits are clear in the mask).
.It
The access ACL entries corresponding to the file permission bits are
modified so that they contain no permissions that are not
contained in the permissions specified by the
.Va mode
parameter.
.El
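.Pp
The following C program, added here as an illustration and not part of the acl package, works through both procedures above together with the mapping described in CORRESPONDENCE BETWEEN ACL ENTRIES AND FILE PERMISSION BITS. It models the ACL as a plain array instead of calling libacl; the default ACL, the IDs and the creation modes it uses are constructed assumptions. Note what the two procedures imply: when a directory carries a default ACL the file creation mask is never consulted, so a file created with mode 0666 under a default ACL that grants rwx to the group class ends up group-writable (mode 0660) even under a umask of 022.

```c
/* Added example, not code from the acl package: how the access ACL and the
 * permission bits of a new object follow from the two procedures above and
 * from CORRESPONDENCE BETWEEN ACL ENTRIES AND FILE PERMISSION BITS.  The ACL
 * is a small constructed array; no libacl call is made. */
#include <stddef.h>

enum tag { T_USER_OBJ, T_USER, T_GROUP_OBJ, T_GROUP, T_MASK, T_OTHER };
struct entry { enum tag tag; unsigned qual; unsigned perm; };   /* perm: r=4 w=2 x=1 */
struct acl { struct entry e[16]; int n; };

static struct entry *find(struct acl *a, enum tag t, unsigned qual) {
    for (int i = 0; i < a->n; i++)
        if (a->e[i].tag == t && ((t != T_USER && t != T_GROUP) || a->e[i].qual == qual))
            return &a->e[i];
    return NULL;
}

/* The entry the group permission bits stand for: ACL_MASK when present,
 * otherwise ACL_GROUP_OBJ. */
static struct entry *group_bits_entry(struct acl *a) {
    struct entry *m = find(a, T_MASK, 0);
    return m ? m : find(a, T_GROUP_OBJ, 0);
}

/* Permission bits as stat(2) reports them for this ACL. */
unsigned acl_to_mode(struct acl *a) {
    return (find(a, T_USER_OBJ, 0)->perm << 6) | (group_bits_entry(a)->perm << 3)
         | find(a, T_OTHER, 0)->perm;
}

/* What chmod(2) does to an ACL: it rewrites exactly those three entries. */
void acl_apply_mode(struct acl *a, unsigned mode) {
    find(a, T_USER_OBJ, 0)->perm = (mode >> 6) & 7;
    group_bits_entry(a)->perm = (mode >> 3) & 7;
    find(a, T_OTHER, 0)->perm = mode & 7;
}

/* Access ACL of an object created with `mode` (the open(2)/mkdir(2) argument)
 * in a directory whose default ACL is `dflt`, or NULL if it has none.  With a
 * default ACL the umask is not consulted at all; without one the result is the
 * familiar mode & ~umask. */
void acl_for_new_object(const struct acl *dflt, unsigned mode, unsigned umask, struct acl *out) {
    if (dflt) {
        *out = *dflt;                                    /* 1. inherit the default ACL */
    } else {                                             /* 1. three entries, umask bits cleared */
        out->n = 3;
        out->e[0] = (struct entry){T_USER_OBJ, 0, (~umask >> 6) & 7};
        out->e[1] = (struct entry){T_GROUP_OBJ, 0, (~umask >> 3) & 7};
        out->e[2] = (struct entry){T_OTHER, 0, ~umask & 7};
    }
    acl_apply_mode(out, acl_to_mode(out) & mode);        /* 2. keep only what `mode` grants */
}

/* Effective permissions of an entry, as the "#effective:" comment shows them. */
unsigned acl_effective(struct acl *a, enum tag t, unsigned qual) {
    struct entry *m = find(a, T_MASK, 0), *e = find(a, t, qual);
    return (t == T_USER_OBJ || t == T_OTHER || !m) ? e->perm : e->perm & m->perm;
}

/* Constructed default ACL of a hypothetical shared project directory,
 * u::rwx,g::r-x,g:2001:rwx,m::rwx,o::--- (gid 2001 is an assumption). */
static void sample_default_acl(struct acl *a) {
    struct acl d = {{{T_USER_OBJ, 0, 7}, {T_GROUP_OBJ, 0, 5}, {T_GROUP, 2001, 7},
                     {T_MASK, 0, 7}, {T_OTHER, 0, 0}}, 5};
    *a = d;
}

/* A file created with mode 0666 in that directory.  The umask of 022 is
 * ignored: step 2 trims USER_OBJ and the mask to rw-, so the named group ends
 * up with effective rw- and the file is group-writable: mode 0660. */
unsigned mode_with_default_acl(void) {
    struct acl d, f;
    sample_default_acl(&d);
    acl_for_new_object(&d, 0666, 022, &f);
    return acl_to_mode(&f);
}

unsigned named_group_effective_with_default_acl(void) {
    struct acl d, f;
    sample_default_acl(&d);
    acl_for_new_object(&d, 0666, 022, &f);
    return acl_effective(&f, T_GROUP, 2001);
}

/* The same call in a directory without a default ACL: 0666 & ~022 = 0644. */
unsigned mode_without_default_acl(void) {
    struct acl f;
    acl_for_new_object(NULL, 0666, 022, &f);
    return acl_to_mode(&f);
}
```

In real code the inputs come from acl_get_file(3) with ACL_TYPE_DEFAULT on the directory and from stat(2) on the created object; the point of the model is that a program relying on its umask to keep new files private must still pass a restrictive mode, because a default ACL on the directory silently takes the umask out of the picture.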
.Sh ACCESS CHECK ALGORITHM
A process may request read, write, or execute/search access to a file object
protected by an ACL. The access check algorithm determines whether access to
the object will be granted.
.Bl -enum
.It
.Sy If
the effective user ID of the process matches the user ID of the file object owner,
.Sy then
.Pp
.Bd -filled -offset indent
.Sy if
the ACL_USER_OBJ entry contains the requested permissions, access is granted,
.Pp
.Sy else
access is denied.
.Ed
.It
.Sy "else if"
the effective user ID of the process matches the qualifier of any entry
of type ACL_USER,
.Sy then
.Pp
.Bd -filled -offset indent
.Sy if
the matching ACL_USER entry and the ACL_MASK entry contain the requested
permissions, access is granted,
.Pp
.Sy else
access is denied.
.Ed
.It
.Sy "else if"
the effective group ID or any of the supplementary group IDs of the process
match the file group or the qualifier of any entry of type ACL_GROUP,
.Sy then
.Pp
.Bd -filled -offset indent
.Sy if
the ACL contains an ACL_MASK entry,
.Sy then
.Bd -filled -offset indent
.Sy if
the ACL_MASK entry and any of the matching ACL_GROUP_OBJ or ACL_GROUP entries
contain
the requested permissions, access is granted,
.Pp
.Sy else
access is denied.
.Pp
.Ed
.Sy else
(note that there can be no ACL_GROUP entries without an ACL_MASK entry)
.Bd -filled -offset indent
.Sy if
the ACL_GROUP_OBJ entry contains the requested permissions,
access is granted,
.Pp
.Sy else
access is denied.
.Ed
.Ed
.Pp
.It
.Sy "else if"
the ACL_OTHER entry contains the requested permissions, access is granted.
.It
.Sy else
access is denied.
.El
.\".It
.\"Checking whether the requested access modes are granted by the matched entry.
.\".El
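.Pp
The algorithm above, written out in C as an added example (not code from the acl package or from libacl). It is run against the six-entry ACL used as the example under ACL TEXT FORMS below and against a second constructed ACL; the numeric IDs (owner 1000, file group 100, lisa 1001, toolies 2001) are assumptions. Two consequences of the algorithm are worth checking explicitly: the mask cuts a named user's rw- down to r--, and a process that matches the file group or a named group is decided by those entries alone, so an ACL_OTHER entry never rescues it.

```c
/* Added example, not code from the acl package: the access check algorithm
 * above, run over the ACL from the text-form example later on this page
 * (user::rw-, user:lisa:rw-, group::r--, group:toolies:rw-, mask::r--,
 * other::r--) and over a second constructed ACL.  IDs are assumptions: file
 * owner 1000, file group 100, lisa 1001, toolies 2001.  No libacl call is made. */
enum tag { T_USER_OBJ, T_USER, T_GROUP_OBJ, T_GROUP, T_MASK, T_OTHER };
enum { P_R = 4, P_W = 2, P_X = 1 };
struct entry { enum tag tag; unsigned qual; unsigned perm; };
struct acl { const struct entry *e; int n; };

static const struct entry *find(const struct acl *a, enum tag t, unsigned qual) {
    for (int i = 0; i < a->n; i++)
        if (a->e[i].tag == t && ((t != T_USER && t != T_GROUP) || a->e[i].qual == qual))
            return &a->e[i];
    return 0;
}

/* Returns 1 if a process with effective uid `uid` and group IDs gids[0..ngids)
 * (effective gid first, then the supplementary ones) is granted the r/w/x bits
 * in `want` on a file owned by owner_uid:owner_gid.  Assumes a valid ACL. */
int acl_check(const struct acl *a, unsigned owner_uid, unsigned owner_gid,
              unsigned uid, const unsigned *gids, int ngids, unsigned want) {
    const struct entry *m = find(a, T_MASK, 0), *e;
    unsigned mask = m ? m->perm : 7;                    /* no mask entry: nothing is cut down */
    if (uid == owner_uid)                               /* 1. owner: USER_OBJ decides alone */
        return (find(a, T_USER_OBJ, 0)->perm & want) == want;
    if ((e = find(a, T_USER, uid)))                     /* 2. named user, cut down by the mask */
        return (e->perm & mask & want) == want;
    int matched = 0;                                    /* 3. file group and named groups */
    for (int i = 0; i < ngids; i++) {
        e = gids[i] == owner_gid ? find(a, T_GROUP_OBJ, 0) : find(a, T_GROUP, gids[i]);
        if (!e) continue;
        matched = 1;
        if ((e->perm & mask & want) == want) return 1;  /* any one matching group entry suffices */
    }
    if (matched) return 0;                              /* matched groups deny: no fall-through to other */
    return (find(a, T_OTHER, 0)->perm & want) == want;  /* 4. and 5. other */
}

/* The text-form example ACL, as constructed data. */
static const struct entry example_entries[] = {
    {T_USER_OBJ, 0, P_R | P_W}, {T_USER, 1001, P_R | P_W}, {T_GROUP_OBJ, 0, P_R},
    {T_GROUP, 2001, P_R | P_W}, {T_MASK, 0, P_R}, {T_OTHER, 0, P_R},
};
static const struct acl example_acl = { example_entries, 6 };

/* A second constructed ACL, u::rw-,g::---,o::r--: a process in the file group
 * is denied although "other" would grant it, because step 3 never falls through. */
static const struct entry deny_group_entries[] = {
    {T_USER_OBJ, 0, P_R | P_W}, {T_GROUP_OBJ, 0, 0}, {T_OTHER, 0, P_R},
};
static const struct acl deny_group_acl = { deny_group_entries, 3 };

/* Wrappers for a process with a single group ID. */
int example_check(unsigned uid, unsigned gid, unsigned want) {
    return acl_check(&example_acl, 1000, 100, uid, &gid, 1, want);
}
int deny_group_check(unsigned uid, unsigned gid, unsigned want) {
    return acl_check(&deny_group_acl, 1000, 100, uid, &gid, 1, want);
}
```

example_check(1001, 500, P_W) returns 0 even though lisa's own entry says rw-, and deny_group_check(1003, 100, P_R) returns 0 although other::r-- would grant the read; the second case is the one most often misread when auditing group entries with empty permissions.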
.Sh ACL TEXT FORMS
A long and a short text form for representing ACLs is defined. In both forms, ACL entries are represented as three colon separated fields: an ACL entry tag type, an ACL entry qualifier, and the discretionary access permissions. The first field contains one of the following entry tag type keywords:
.Bl -tag -offset indent -width group.
.It Li user
A
.Li user
ACL entry specifies the access granted to either the file owner (entry tag
type ACL_USER_OBJ) or a specified user (entry tag type ACL_USER).
.It Li group
A
.Li group
ACL entry specifies the access granted to either the file group (entry tag
type ACL_GROUP_OBJ) or a specified group (entry tag type ACL_GROUP).
.It Li mask
A
.Li mask
ACL entry specifies the maximum access which can be granted by any ACL
entry except the
.Li user
entry for the file owner and the
.Li other
entry (entry tag type ACL_MASK).
.It Li other
An
.Li other
ACL entry specifies the access granted to any process that does
not match any
.Li user
or
.Li group
ACL entries (entry tag type ACL_OTHER).
.El
.Pp
The second field contains the user or group identifier of the user or
group associated with the ACL entry for entries of entry tag type ACL_USER
or ACL_GROUP, and is empty for all other entries. A user identifier can
be a user name or a user ID number in decimal form. A group identifier can
be a group name or a group ID number in decimal form.
.Pp
The third field contains the discretionary access permissions. The read,
write and search/execute permissions are represented by the
.Li r ,
.Li w ,
and
.Li x
characters, in this order. Each of these characters is replaced by the
.Li \-
character to denote that a permission is absent in the ACL entry.
When converting from the text form to the internal representation,
permissions that are absent need not be specified.
.Pp
White space is permitted at the beginning and end of each ACL entry, and
immediately before and after a field separator (the colon character).
.Ss LONG TEXT FORM
The long text form contains one ACL entry per line. In addition, a
number sign
.No ( Li # )
may start a comment that extends until the end of the line. If an
ACL_USER, ACL_GROUP_OBJ or ACL_GROUP ACL entry contains permissions that
are not also contained in the ACL_MASK entry, the entry is followed by a
number sign, the string \(lqeffective:\(rq, and the effective access
permissions defined by that entry. This is an example of the long text
form:
.Bd -literal -offset indent
user::rw-
user:lisa:rw- #effective:r--
group::r--
group:toolies:rw- #effective:r--
mask::r--
other::r--
.Ed
.Ss SHORT TEXT FORM
The short text form is a sequence of ACL entries separated by commas,
and is used for input. Comments are not supported. Entry tag type
keywords may either appear in their full unabbreviated form, or in their
single letter abbreviated form. The abbreviation for
.Li user
is
.Li u ,
the abbreviation for
.Li group
is
.Li g ,
the abbreviation for
.Li mask
is
.Li m ,
and the abbreviation for
.Li other
is
.Li o .
The permissions may contain at most one each of the following characters
in any order:
.Li r ,
.Li w ,
.Li x .
These are examples of the short text form:
.Bd -literal -offset indent
u::rw-,u:lisa:rw-,g::r--,g:toolies:rw-,m::r--,o::r--
g:toolies:rw,u:lisa:rw,u::wr,g::r,o::r,m::r
.Ed
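.Pp
A parser for the short text form, added here as an example and not taken from the acl package (libacl provides acl_from_text(3) and acl_to_text(3) for the real thing). It enforces the rules under VALID ACLs and prints the long text form with the effective-permission comment described above; entries are kept in the order given, so the second short-form example above renders with the mask entry last. The name table is constructed: lisa is uid 1001 and toolies is gid 2001, both assumptions in place of getpwnam(3) and getgrnam(3); decimal IDs are accepted as well.

```c
/* Added example, not code from the acl package: a parser for the SHORT TEXT
 * FORM that enforces the VALID ACLs rules and renders the LONG TEXT FORM with
 * its "#effective:" comment.  Names come from a constructed table standing in
 * for getpwnam(3)/getgrnam(3): "lisa" is uid 1001 and "toolies" is gid 2001
 * (assumptions); decimal IDs are accepted as the page describes. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum tag { T_USER_OBJ, T_USER, T_GROUP_OBJ, T_GROUP, T_MASK, T_OTHER };
struct entry { enum tag tag; unsigned qual; unsigned perm; };   /* perm: r=4 w=2 x=1 */
struct acl { struct entry e[32]; int n; };

static unsigned lookup_id(const char *name, int group) {
    if (!strcmp(name, group ? "toolies" : "lisa")) return group ? 2001 : 1001;
    return (unsigned)strtoul(name, NULL, 10);           /* decimal ID form */
}

static char *perm_str(unsigned p, char s[4]) {
    s[0] = p & 4 ? 'r' : '-'; s[1] = p & 2 ? 'w' : '-'; s[2] = p & 1 ? 'x' : '-'; s[3] = '\0';
    return s;
}

/* One "tag:qualifier:perms" entry: full or one-letter keyword; r, w, x in any
 * order and at most once each, '-' ignored.  Returns 0 on a syntax error. */
static int parse_entry(char *text, struct entry *e) {
    char *f[3];
    for (int i = 0; i < 3; i++) {
        char *colon = strchr(text, ':');
        if (colon ? i == 2 : i < 2) return 0;           /* exactly three fields */
        f[i] = text;
        if (colon) { *colon = '\0'; text = colon + 1; }
    }
    int named = f[1][0] != '\0';
    if (!strcmp(f[0], "u") || !strcmp(f[0], "user"))       e->tag = named ? T_USER : T_USER_OBJ;
    else if (!strcmp(f[0], "g") || !strcmp(f[0], "group")) e->tag = named ? T_GROUP : T_GROUP_OBJ;
    else if (!strcmp(f[0], "m") || !strcmp(f[0], "mask"))  e->tag = T_MASK;
    else if (!strcmp(f[0], "o") || !strcmp(f[0], "other")) e->tag = T_OTHER;
    else return 0;
    if (named && e->tag != T_USER && e->tag != T_GROUP) return 0;  /* mask/other take no qualifier */
    e->qual = named ? lookup_id(f[1], e->tag == T_GROUP) : 0;
    e->perm = 0;
    for (const char *p = f[2]; *p; p++) {
        unsigned bit = *p == 'r' ? 4 : *p == 'w' ? 2 : *p == 'x' ? 1 : *p == '-' ? 0 : 8;
        if (bit == 8 || (e->perm & bit)) return 0;      /* unknown or repeated character */
        e->perm |= bit;
    }
    return 1;
}

/* VALID ACLs: exactly one USER_OBJ, GROUP_OBJ and OTHER; at most one MASK, and
 * exactly one once a named entry exists; named qualifiers must be unique. */
static int acl_valid(const struct acl *a) {
    int n[6] = {0};
    for (int i = 0; i < a->n; i++) {
        n[a->e[i].tag]++;
        for (int j = 0; j < i; j++)
            if ((a->e[i].tag == T_USER || a->e[i].tag == T_GROUP) &&
                a->e[j].tag == a->e[i].tag && a->e[j].qual == a->e[i].qual) return 0;
    }
    if (n[T_USER_OBJ] != 1 || n[T_GROUP_OBJ] != 1 || n[T_OTHER] != 1 || n[T_MASK] > 1) return 0;
    return n[T_MASK] == 1 || (n[T_USER] == 0 && n[T_GROUP] == 0);
}

/* Short text form in, parsed and validated ACL out.  White space is permitted
 * around entries and colons; this model simply drops all of it first. */
int acl_from_short_text(const char *text, struct acl *a) {
    char buf[512], *w = buf;
    for (; *text && w < buf + sizeof buf - 1; text++)
        if (!isspace((unsigned char)*text)) *w++ = *text;
    if (*text) return 0;                                /* too long */
    *w = '\0';
    a->n = 0;
    for (char *tok = strtok(buf, ","); tok; tok = strtok(NULL, ","))
        if (a->n == 32 || !parse_entry(tok, &a->e[a->n++])) return 0;
    return acl_valid(a);
}

/* Parse, validate and render as long text form, one entry per line, qualifiers
 * in decimal, with "#effective:" on entries the mask cuts down.  Returns NULL
 * for text that is not a valid ACL; the result lives in a static buffer. */
const char *short_to_long_text(const char *text) {
    static const char *kw[] = {"user", "user", "group", "group", "mask", "other"};
    static char out[512];
    struct acl a;
    if (!acl_from_short_text(text, &a)) return NULL;
    unsigned mask = 7;
    for (int i = 0; i < a.n; i++) if (a.e[i].tag == T_MASK) mask = a.e[i].perm;
    size_t used = 0;
    for (int i = 0; i < a.n && used < sizeof out - 64; i++) {   /* a line needs < 64 bytes */
        const struct entry *e = &a.e[i];
        char q[16] = "", p[4], eff[4];
        if (e->tag == T_USER || e->tag == T_GROUP) snprintf(q, sizeof q, "%u", e->qual);
        used += snprintf(out + used, sizeof out - used, "%s:%s:%s", kw[e->tag], q, perm_str(e->perm, p));
        if ((e->tag == T_USER || e->tag == T_GROUP || e->tag == T_GROUP_OBJ) && (e->perm & ~mask))
            used += snprintf(out + used, sizeof out - used, " #effective:%s", perm_str(e->perm & mask, eff));
        used += snprintf(out + used, sizeof out - used, "\n");
    }
    return out;
}
```

short_to_long_text() returns NULL for the inputs the VALID ACLs section forbids, for instance a named entry without a mask, two ACL_USER_OBJ entries, a qualifier on a mask entry, or the same user named twice (once by name and once by decimal ID); a tool that accepts ACL text from an untrusted source should reject such input before calling acl_set_file(3) rather than rely on the kernel's error.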
.Sh RATIONALE
IEEE 1003.1e draft 17 defines Access Control Lists that include entries
of tag type ACL_MASK, and defines a mapping between file permission bits
and ACL entries that is not constant (the group permission bits map to the
ACL_MASK entry when one exists and to the ACL_GROUP_OBJ entry otherwise).
The standard working group defined this relatively
complex interface in order to ensure that applications that are compliant
with IEEE 1003.1 (\(lqPOSIX.1\(rq) will still function as expected on
systems with ACLs. The IEEE 1003.1e draft 17 contains the rationale for
choosing this interface in section B.23.
.Sh CHANGES TO THE FILE UTILITIES
On a system that supports ACLs, the file utilities
.Xr ls 1 ,
.Xr cp 1 ,
and
.Xr mv 1
change their behavior in the following way:
.Bl -bullet
.It
For files that have a default ACL or an access ACL that contains more than
the three required ACL entries, the
.Xr ls 1
utility in the long form produced by
.Ic "ls \-l"
displays a plus sign
.No ( Li + )
after the permission string.
.It
If the
.Fl p
flag is specified, the
.Xr cp 1
utility also preserves ACLs.
If this is not possible, a warning is produced.
.It
The
.Xr mv 1
utility always preserves ACLs. If this is not possible, a warning is produced.
.El
.Pp
The effect of the
.Xr chmod 1
utility, and of the
.Xr chmod 2
system call, on the access ACL is described in
.Sx "CORRESPONDENCE BETWEEN ACL ENTRIES AND FILE PERMISSION BITS" .
.Sh STANDARDS
The IEEE 1003.1e draft 17 (\(lqPOSIX.1e\(rq) document describes several
security extensions to the IEEE 1003.1 standard. While the work on
1003.1e has been abandoned, many UNIX style systems implement parts of
POSIX.1e draft 17, or of earlier drafts.
.Pp
Linux Access Control Lists implement the full set of functions and
utilities defined for Access Control Lists in POSIX.1e, and several
extensions. The implementation is fully compliant with POSIX.1e draft
17; extensions are marked as such.
The Access Control List manipulation functions are defined in
the ACL library (libacl, \-lacl). The POSIX compliant interfaces are
declared in the
.Li <sys/acl.h>
header. Linux-specific extensions to these functions are declared in the
.Li <acl/libacl.h>
header.
.Sh SEE ALSO
.Xr chmod 1 ,
.Xr creat 2 ,
.Xr getfacl 1 ,
.Xr ls 1 ,
.Xr mkdir 2 ,
.Xr mkfifo 2 ,
.Xr mknod 2 ,
.Xr open 2 ,
.Xr setfacl 1 ,
.Xr stat 2 ,
.Xr umask 1
.Ss POSIX 1003.1e DRAFT 17
.Xr "http://wt.tuxomania.net/publications/posix.1e/download.html"
.Ss POSIX 1003.1e FUNCTIONS BY CATEGORY
.Bl -tag -width "MMM"
.It Sy ACL storage management
.Xr acl_dup 3 ,
.Xr acl_free 3 ,
.Xr acl_init 3
.It Sy ACL entry manipulation
.Xr acl_copy_entry 3 ,
.Xr acl_create_entry 3 ,
.Xr acl_delete_entry 3 ,
.Xr acl_get_entry 3 ,
.Xr acl_valid 3
.Pp
.Xr acl_add_perm 3 ,
.Xr acl_calc_mask 3 ,
.Xr acl_clear_perms 3 ,
.Xr acl_delete_perm 3 ,
.Xr acl_get_permset 3 ,
.Xr acl_set_permset 3
.Pp
.Xr acl_get_qualifier 3 ,
.Xr acl_get_tag_type 3 ,
.Xr acl_set_qualifier 3 ,
.Xr acl_set_tag_type 3
.It Sy ACL manipulation on an object
.Xr acl_delete_def_file 3 ,
.Xr acl_get_fd 3 ,
.Xr acl_get_file 3 ,
.Xr acl_set_fd 3 ,
.Xr acl_set_file 3
.It Sy ACL format translation
.Xr acl_copy_entry 3 ,
.Xr acl_copy_ext 3 ,
.Xr acl_from_text 3 ,
.Xr acl_to_text 3 ,
.Xr acl_size 3
.El
.Ss POSIX 1003.1e FUNCTIONS BY AVAILABILITY
The first group of functions is supported on most systems with POSIX-like
access control lists, while the second group is supported on fewer systems.
For applications that will be ported the second group is best avoided.
.Pp
.Xr acl_delete_def_file 3 ,
.Xr acl_dup 3 ,
.Xr acl_free 3 ,
.Xr acl_from_text 3 ,
.Xr acl_get_fd 3 ,
.Xr acl_get_file 3 ,
.Xr acl_init 3 ,
.Xr acl_set_fd 3 ,
.Xr acl_set_file 3 ,
.Xr acl_to_text 3 ,
.Xr acl_valid 3
.Pp
.Xr acl_add_perm 3 ,
.Xr acl_calc_mask 3 ,
.Xr acl_clear_perms 3 ,
.Xr acl_copy_entry 3 ,
.Xr acl_copy_ext 3 ,
.Xr acl_copy_int 3 ,
.Xr acl_create_entry 3 ,
.Xr acl_delete_entry 3 ,
.Xr acl_delete_perm 3 ,
.Xr acl_get_entry 3 ,
.Xr acl_get_permset 3 ,
.Xr acl_get_qualifier 3 ,
.Xr acl_get_tag_type 3 ,
.Xr acl_set_permset 3 ,
.Xr acl_set_qualifier 3 ,
.Xr acl_set_tag_type 3 ,
.Xr acl_size 3
.Ss LINUX EXTENSIONS
These non-portable extensions are available on Linux systems.
.Pp
.Xr acl_check 3 ,
.Xr acl_cmp 3 ,
.Xr acl_entries 3 ,
.Xr acl_equiv_mode 3 ,
.Xr acl_error 3 ,
.Xr acl_extended_fd 3 ,
.Xr acl_extended_file 3 ,
.Xr acl_extended_file_nofollow 3 ,
.Xr acl_from_mode 3 ,
.Xr acl_get_perm 3 ,
.Xr acl_to_any_text 3
.Sh AUTHOR
Andreas Gruenbacher, <a.gruenbacher@bestbits.at>