ACL_CHECK(3SEC) File Access Control Library Functions ACL_CHECK(3SEC)


NAME


acl_check - check the validity of an ACL

SYNOPSIS


cc [ flag... ] file... -lsec [ library... ]
#include <sys/acl.h>

int acl_check(acl_t *aclp, int isdir);


DESCRIPTION


The acl_check() function checks the validity of an ACL pointed to by
aclp. The isdir argument checks the validity of an ACL that will be
applied to a directory. The ACL can be either a POSIX draft ACL as
supported by UFS or NFSv4 ACL as supported by ZFS or NFSV4.


When the function verifies a POSIX draft ACL, the rules followed are
described in aclcheck(3SEC). For NFSv4 ACL, the ACL is verified against
the following rules:

o The inheritance flags are valid.

o The ACL must have at least one ACL entry and no more than
{MAX_ACL_ENTRIES}.

o The permission field contains only supported permissions.

o The entry type is valid.

o The flag fields contain only valid flags as supported by
NFSv4/ZFS.


If any of the above rules are violated, the function fails with errno set
to EINVAL.

RETURN VALUES


If the ACL is valid, acl_check() returns 0. Otherwise errno is set to
EINVAL and the return value is set to one of the following:

EACL_INHERIT_ERROR
There are invalid inheritance flags specified.


EACL_FLAGS_ERROR
There are invalid flags specified on the ACL that
don't map to supported flags in NFSV4/ZFS ACL
model.


EACL_ENTRY_ERROR
The ACL contains an unknown value in the type
field.


EACL_MEM_ERROR
The system cannot allocate any memory.


EACL_INHERIT_NOTDIR
Inheritance flags are only allowed for ACLs on
directories.


ATTRIBUTES


See attributes(5) for descriptions of the following attributes:


+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Interface Stability | Committed |
+--------------------+-----------------+
|MT-Level | MT-Safe |
+--------------------+-----------------+

SEE ALSO


acl(2), aclcheck(3SEC), aclsort(3SEC), acl(5), attributes(5)


April 22, 2008 ACL_CHECK(3SEC)