acl_extended_file

Linux Access Control Lists library (libacl, -lacl).

n sys/types.h n acl/libacl.h

The function returns if the file or directory referred to by the argument is associated with an extended access ACL, or if the directory referred to by is associated with a default ACL. The function returns if the file has neither an extended access ACL nor a default ACL.

An extended ACL is an ACL that contains entries other than the three required entries of tag types ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER. If the result of the function for a file object is then ACLs define no discretionary access rights other than those already defined by the traditional file permission bits.

Access to the file object may be further restricted by other mechanisms, such as Mandatory Access Control schemes. The access(2) system call can be used to check whether a given type of access to a file object would be granted.

If successful, the function returns if the file object referred to by has an extended access ACL or a default ACL, and if the file object referred to by has neither an extended access ACL nor a default ACL. Otherwise, the value is returned and the global variable is set to indicate the error.

If any of the following conditions occur, the function returns and sets to the corresponding value:

• EACCES Search permission is denied for a component of the path prefix.
• ENAMETOOLONG The length of the argument is too long.
• ENOENT The named object does not exist or the argument points to an empty string.
• ENOTDIR A component of the path prefix is not a directory.
• ENOTSUP The file system on which the file identified by is located does not support ACLs, or ACLs are disabled.

This is a non-portable, Linux specific extension to the ACL manipulation functions defined in IEEE Std 1003.1e draft 17 (POSIX.1e, abandoned).

access(2) acl_get_file(3) acl(5)

Written by