acl_set_file(3) -- Linux man page
NAMEacl_set_file - set an ACL by filename
LIBRARYLinux Access Control Lists library (libacl, -lacl).
SYNOPSISIn sys/types.h In sys/acl.h Ft int Fn acl_set_file const char *path_p acl_type_t type acl_t acl
DESCRIPTIONThe Fn acl_set_file function associates an access ACL with a file or directory, or associates a default ACL with a directory. The pathname for the file or directory is pointed to by the argument path_p
The effective user ID of the process must match the owner of the file or directory or the process must have the CAP_FOWNER capability for the request to succeed.
The value of the argument type is used to indicate whether the access ACL or the default ACL associated with path_p is being set. If the type parameter is ACL_TYPE_ACCESS, the access ACL of path_p shall be set. If the type parameter is ACL_TYPE_DEFAULT, the default ACL of path_p shall be set. If the argument type specifies a type of ACL that cannot be associated with path_p then the function fails.
The acl parameter must reference a valid ACL according to the rules described on the acl_valid3 manual page if the type parameter is ACL_TYPE_ACCESS, and must either reference a valid ACL or an ACL with zero ACL entries if the type parameter is ACL_TYPE_DEFAULT. If the acl parameter references an empty ACL, then the Fn acl_set_file function removes any default ACL associated with the directory referred to by the path_p parameter.
RETURN VALUERv -std acl_set_file
ERRORSIf any of the following conditions occur, the Fn acl_set_file function returns -1 and sets errno to the corresponding value:
- Bq Er EACCES
Search permission is denied for a component of the path prefix or the
object exists and the process does not have appropriate access rights.
Argument type specifies a type of ACL that cannot be associated with path_p
- Bq Er EINVAL
does not point to a valid ACL.
The ACL has more entries than the file referred to by path_p can obtain.
The type parameter is not ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT.
The type parameter is ACL_TYPE_DEFAULT, but the file referred to by path_p is not a directory.
- Bq Er ENAMETOOLONG
- The length of the argument path_p is too long.
- Bq Er ENOENT
- The named object does not exist or the argument path_p points to an empty string.
- Bq Er ENOSPC
- The directory or file system that would contain the new ACL cannot be extended or the file system is out of file allocation resources.
- Bq Er ENOTDIR
- A component of the path prefix is not a directory.
- Bq Er ENOTSUP
- The file identified by path_p cannot be associated with the ACL because the file system on which the file is located does not support this.
- Bq Er EPERM
- The process does not have appropriate privilege to perform the operation to set the ACL.
- Bq Er EROFS
- This function requires modification of a file system which is currently read-only.
STANDARDSIEEE Std 1003.1e draft 17 (lqPOSIX.1erq, abandoned)
The behavior of Fn acl_set_file when the acl parameter refers to an empty ACL and the type parameter is ACL_TYPE_DEFAULT is an extension in the Linux implementation, in order that all values returned by Fn acl_get_file can be passed to Fn acl_set_file . The POSIX.1e function for removing a default ACL is Fn acl_delete_def_file .
SEE ALSOacl_delete_def_file3, acl_get_file3, acl_set_fd3, acl_valid3, acl(5)
AUTHORDerived from the FreeBSD manual pages written by An Robert N M Watson Aq rwatson@FreeBSD.org , and adapted for Linux by An Andreas Gruenbacher Aq email@example.com .