acl_set_file(3) — Linux manual page

NAME | LIBRARY | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | STANDARDS | SEE ALSO | AUTHOR | COLOPHON

ACL_SET_FILE(3)       BSD Library Functions Manual       ACL_SET_FILE(3)

NAME         top

     acl_set_file — set an ACL by filename

LIBRARY         top

     Linux Access Control Lists library (libacl, -lacl).

SYNOPSIS         top

     #include <sys/types.h>
     #include <sys/acl.h>

     int
     acl_set_file(const char *path_p, acl_type_t type, acl_t acl);

DESCRIPTION         top

     The acl_set_file() function associates an access ACL with a file or
     directory, or associates a default ACL with a directory. The
     pathname for the file or directory is pointed to by the argument
     path_p.

     The effective user ID of the process must match the owner of the
     file or directory or the process must have the CAP_FOWNER
     capability for the request to succeed.

     The value of the argument type is used to indicate whether the
     access ACL or the default ACL associated with path_p is being set.
     If the type parameter is ACL_TYPE_ACCESS, the access ACL of path_p
     shall be set. If the type parameter is ACL_TYPE_DEFAULT, the
     default ACL of path_p shall be set. If the argument type specifies
     a type of ACL that cannot be associated with path_p, then the
     function fails.

     The acl parameter must reference a valid ACL according to the rules
     described on the acl_valid(3) manual page if the type parameter is
     ACL_TYPE_ACCESS, and must either reference a valid ACL or an ACL
     with zero ACL entries if the type parameter is ACL_TYPE_DEFAULT. If
     the acl parameter references an empty ACL, then the acl_set_file()
     function removes any default ACL associated with the directory
     referred to by the path_p parameter.

RETURN VALUE         top

     The acl_set_file() function returns the value 0 if successful;
     otherwise the value -1 is returned and the global variable errno is
     set to indicate the error.

ERRORS         top

     If any of the following conditions occur, the acl_set_file()
     function returns -1 and sets errno to the corresponding value:

     [EACCES]           Search permission is denied for a component of
                        the path prefix or the object exists and the
                        process does not have appropriate access rights.

                        Argument type specifies a type of ACL that
                        cannot be associated with path_p.

     [EINVAL]           The argument acl does not point to a valid ACL.

                        The ACL has more entries than the file referred
                        to by path_p can obtain.

                        The type parameter is not ACL_TYPE_ACCESS or
                        ACL_TYPE_DEFAULT.

                        The type parameter is ACL_TYPE_DEFAULT, but the
                        file referred to by path_p is not a directory.

     [ENAMETOOLONG]     The length of the argument path_p is too long.

     [ENOENT]           The named object does not exist or the argument
                        path_p points to an empty string.

     [ENOSPC]           The directory or file system that would contain
                        the new ACL cannot be extended or the file
                        system is out of file allocation resources.

     [ENOTDIR]          A component of the path prefix is not a
                        directory.

     [ENOTSUP]          The file identified by path_p cannot be
                        associated with the ACL because the file system
                        on which the file is located does not support
                        this.

     [EPERM]            The process does not have appropriate privilege
                        to perform the operation to set the ACL.

     [EROFS]            This function requires modification of a file
                        system which is currently read-only.

STANDARDS         top

     IEEE Std 1003.1e draft 17 (“POSIX.1e”, abandoned)

     The behavior of acl_set_file() when the acl parameter refers to an
     empty ACL and the type parameter is ACL_TYPE_DEFAULT is an
     extension in the Linux implementation, in order that all values
     returned by acl_get_file() can be passed to acl_set_file().  The
     POSIX.1e function for removing a default ACL is
     acl_delete_def_file().

SEE ALSO         top

     acl_delete_def_file(3), acl_get_file(3), acl_set_fd(3),
     acl_valid(3), acl(5)

AUTHOR         top

     Derived from the FreeBSD manual pages written by Robert N M Watson
     <rwatson@FreeBSD.org>, and adapted for Linux by Andreas Gruenbacher
     <andreas.gruenbacher@gmail.com>.

COLOPHON         top

     This page is part of the acl (manipulating access control lists)
     project.  Information about the project can be found at
     http://savannah.nongnu.org/projects/acl.  If you have a bug report
     for this manual page, see
     ⟨http://savannah.nongnu.org/bugs/?group=acl⟩.  This page was
     obtained from the project's upstream Git repository
     ⟨git://git.savannah.nongnu.org/acl.git⟩ on 2023-06-23.  (At that
     time, the date of the most recent commit that was found in the
     repository was 2022-12-30.)  If you discover any rendering problems
     in this HTML version of the page, or you believe there is a better
     or more up-to-date source for the page, or you have corrections or
     improvements to the information in this COLOPHON (which is not part
     of the original manual page), send a mail to man-pages@man7.org

Linux ACL                    March 23, 2002                    Linux ACL