установить ACL по имени файла (set an ACL by filename)
Имя (Name)
acl_set_file — set an ACL by filename
Библиотека (Library)
Linux Access Control Lists library (libacl, -lacl).
Синопсис (Synopsis)
#include <sys/types.h>
#include <sys/acl.h>
int
acl_set_file(const char *path_p, acl_type_t type, acl_t acl);
Описание (Description)
The acl_set_file() function associates an access ACL with a file or
directory, or associates a default ACL with a directory. The
pathname for the file or directory is pointed to by the argument
path_p.
The effective user ID of the process must match the owner of the
file or directory or the process must have the CAP_FOWNER
capability for the request to succeed.
The value of the argument type is used to indicate whether the
access ACL or the default ACL associated with path_p is being set.
If the type parameter is ACL_TYPE_ACCESS, the access ACL of path_p
shall be set. If the type parameter is ACL_TYPE_DEFAULT, the
default ACL of path_p shall be set. If the argument type specifies
a type of ACL that cannot be associated with path_p, then the
function fails.
The acl parameter must reference a valid ACL according to the rules
described on the acl_valid(3) manual page if the type parameter is
ACL_TYPE_ACCESS, and must either reference a valid ACL or an ACL
with zero ACL entries if the type parameter is ACL_TYPE_DEFAULT. If
the acl parameter references an empty ACL, then the acl_set_file()
function removes any default ACL associated with the directory
referred to by the path_p parameter.
Возвращаемое значение (Return value)
The acl_set_file() function returns the value 0 if successful;
otherwise the value -1 is returned and the global variable errno is
set to indicate the error.
Ошибки (Error)
If any of the following conditions occur, the acl_set_file()
function returns -1 and sets errno to the corresponding value:
[EACCES] Search permission is denied for a component of
the path prefix or the object exists and the
process does not have appropriate access rights.
Argument type specifies a type of ACL that
cannot be associated with path_p.
[EINVAL] The argument acl does not point to a valid ACL.
The ACL has more entries than the file referred
to by path_p can obtain.
The type parameter is not ACL_TYPE_ACCESS or
ACL_TYPE_DEFAULT.
The type parameter is ACL_TYPE_DEFAULT, but the
file referred to by path_p is not a directory.
[ENAMETOOLONG] The length of the argument path_p is too long.
[ENOENT] The named object does not exist or the argument
path_p points to an empty string.
[ENOSPC] The directory or file system that would contain
the new ACL cannot be extended or the file
system is out of file allocation resources.
[ENOTDIR] A component of the path prefix is not a
directory.
[ENOTSUP] The file identified by path_p cannot be
associated with the ACL because the file system
on which the file is located does not support
this.
[EPERM] The process does not have appropriate privilege
to perform the operation to set the ACL.
[EROFS] This function requires modification of a file
system which is currently read-only.
Стандарты (Conforming to)
IEEE Std 1003.1e draft 17 ('POSIX.1e', abandoned)
The behavior of acl_set_file() when the acl parameter refers to an
empty ACL and the type parameter is ACL_TYPE_DEFAULT is an
extension in the Linux implementation, in order that all values
returned by acl_get_file() can be passed to acl_set_file(). The
POSIX.1e function for removing a default ACL is
acl_delete_def_file().
Смотри также (See also)
acl_delete_def_file(3), acl_get_file(3), acl_set_fd(3),
acl_valid(3), acl(5)
