acl_set_file(3) — Linux manual page


ACL_SET_FILE(3)          Library Functions Manual        ACL_SET_FILE(3)

NAME         top

       acl_set_file — set an ACL by filename

LIBRARY         top

       Linux Access Control Lists library (libacl, -lacl).

SYNOPSIS         top

       <sys/types.h> <sys/acl.h> int acl_set_file(const char *path_p,
       acl_type_t type, acl_t acl)

DESCRIPTION         top

       The acl_set_file() function associates an access ACL with a file
       or directory, or associates a default ACL with a directory. The
       pathname for the file or directory is pointed to by the argument

       The effective user ID of the process must match the owner of the
       file or directory or the process must have the CAP_FOWNER
       capability for the request to succeed.

       The value of the argument type is used to indicate whether the
       access ACL or the default ACL associated with path_p is being
       set. If the type parameter is ACL_TYPE_ACCESS, the access ACL of
       path_p shall be set. If the type parameter is ACL_TYPE_DEFAULT,
       the default ACL of path_p shall be set. If the argument type
       specifies a type of ACL that cannot be associated with path_p,
       then the function fails.

       The acl parameter must reference a valid ACL according to the
       rules described on the acl_valid(3) manual page if the type
       parameter is ACL_TYPE_ACCESS, and must either reference a valid
       ACL or an ACL with zero ACL entries if the type parameter is
       ACL_TYPE_DEFAULT. If the acl parameter references an empty ACL,
       then the acl_set_file() function removes any default ACL
       associated with the directory referred to by the path_p

RETURN VALUE         top

       The acl_set_file() function returns the value 0 if successful;
       otherwise the value -1 is returned and the global variable errno
       is set to indicate the error.

ERRORS         top

       If any of the following conditions occur, the acl_set_file()
       function returns -1 and sets errno to the corresponding value:

       [EACCES]           Search permission is denied for a component of
                          the path prefix or the object exists and the
                          process does not have appropriate access

                          Argument type specifies a type of ACL that
                          cannot be associated with path_p.

       [EINVAL]           The argument acl does not point to a valid

                          The ACL has more entries than the file
                          referred to by path_p can obtain.

                          The type parameter is not ACL_TYPE_ACCESS or

                          The type parameter is ACL_TYPE_DEFAULT, but
                          the file referred to by path_p is not a

       [ENAMETOOLONG]     The length of the argument path_p is too long.

       [ENOENT]           The named object does not exist or the
                          argument path_p points to an empty string.

       [ENOSPC]           The directory or file system that would
                          contain the new ACL cannot be extended or the
                          file system is out of file allocation

       [ENOTDIR]          A component of the path prefix is not a

       [ENOTSUP]          The file identified by path_p cannot be
                          associated with the ACL because the file
                          system on which the file is located does not
                          support this.

       [EPERM]            The process does not have appropriate
                          privilege to perform the operation to set the

       [EROFS]            This function requires modification of a file
                          system which is currently read-only.

STANDARDS         top

       IEEE Std 1003.1e draft 17 (“POSIX.1e”, abandoned)

       The behavior of acl_set_file() when the acl parameter refers to
       an empty ACL and the type parameter is ACL_TYPE_DEFAULT is an
       extension in the Linux implementation, in order that all values
       returned by acl_get_file() can be passed to acl_set_file().  The
       POSIX.1e function for removing a default ACL is

SEE ALSO         top

       acl_delete_def_file(3), acl_get_file(3), acl_set_fd(3),
       acl_valid(3), acl(5)

AUTHOR         top

       Derived from the FreeBSD manual pages written by Robert N M
       Watson <>, and adapted for Linux by Andreas
       Gruenbacher <>.

COLOPHON         top

       This page is part of the acl (manipulating access control lists)
       project.  Information about the project can be found at  If you have a bug
       report for this manual page, see
       ⟨⟩.  This page was
       obtained from the project's upstream Git repository
       ⟨git://⟩ on 2023-12-22.  (At that
       time, the date of the most recent commit that was found in the
       repository was 2023-12-01.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to

Linux ACL                    March 23, 2002              ACL_SET_FILE(3)