svn commit: r192677 - head/share/man/man9
Edward Tomasz Napierala
trasz at FreeBSD.org
Sun May 24 09:42:54 UTC 2009
Author: trasz
Date: Sun May 24 09:42:53 2009
New Revision: 192677
URL: http://svn.freebsd.org/changeset/base/192677
Log:
Add new constants to the acl(9) manual page.
Modified:
head/share/man/man9/acl.9
Modified: head/share/man/man9/acl.9
==============================================================================
--- head/share/man/man9/acl.9 Sun May 24 03:49:07 2009 (r192676)
+++ head/share/man/man9/acl.9 Sun May 24 09:42:53 2009 (r192677)
@@ -59,7 +59,9 @@ Currently, each ACL is represented in-ke
structure, defined as follows:
.Bd -literal -offset indent
struct acl {
- int acl_cnt;
+ unsigned int acl_maxcnt;
+ unsigned int acl_cnt;
+ int acl_spare[4];
struct acl_entry acl_entry[ACL_MAX_ENTRIES];
};
.Ed
@@ -67,6 +69,10 @@ struct acl {
An ACL is constructed from a fixed size array of ACL entries,
each of which consists of a set of permissions, principal namespace,
and principal identifier.
+In this implementation, the
+.Vt acl_maxcnt
+field is always set to
+.Dv ACL_MAX_ENTRIES .
.Pp
Each individual ACL entry is of the type
.Vt acl_entry_t ,
@@ -97,13 +103,20 @@ match the ACL entry qualifier.
.It Dv ACL_MASK
The maximum discretionary access rights that can be granted
to a process in the file group class.
+This is only valid for POSIX.1e ACLs.
.It Dv ACL_OTHER
Discretionary access rights for processes not covered by any other ACL
entry.
+This is only valid for POSIX.1e ACLs.
.It Dv ACL_OTHER_OBJ
Same as
.Dv ACL_OTHER .
-Each ACL entry must contain exactly one
+.It Dv ACL_EVERYONE
+Discretionary access rights for all users.
+This is only valid for NFSv4 ACLs.
+.El
+.Pp
+Each POSIX.1e ACL must contain exactly one
.Dv ACL_USER_OBJ ,
one
.Dv ACL_GROUP_OBJ ,
@@ -117,13 +130,19 @@ or
are present, then exactly one
.Dv ACL_MASK
entry should be present.
-.El
.It Vt uid_t Va ae_id
The ID of user for whom this ACL describes access permissions.
+For entries other than
+.Dv ACL_USER
+and
+.Dv ACL_GROUP ,
+this field should be set to
+.Dv ACL_UNDEFINED_ID .
.It Vt acl_perm_t Va ae_perm
This field defines what kind of access the process matching this ACL has
for accessing the associated file.
-.Bl -tag -width ".Dv ACL_POSIX1E_BITS"
+For POSIX.1e ACLs, the following are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
.It Dv ACL_EXECUTE
The process may execute the associated file.
.It Dv ACL_WRITE
@@ -134,6 +153,57 @@ The process may read from the associated
The process has no read, write or execute permissions
to the associated file.
.El
+.Pp
+For NFSv4 ACLs, the following are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
+.It Dv ACL_READ_DATA
+The process may read from the associated file.
+.It Dv ACL_LIST_DIRECTORY
+Same as
+.Dv ACL_READ_DATA .
+.It Dv ACL_WRITE_DATA
+The process may write to the associated file.
+.It Dv ACL_ADD_FILE
+Same as
+.Dv ACL_ACL_WRITE_DATA .
+.It Dv ACL_APPEND_DATA
+.It Dv ACL_ADD_SUBDIRECTORY
+Same as
+.Dv ACL_APPEND_DATA .
+.It Dv ACL_READ_NAMED_ATTRS
+Ignored.
+.It Dv ACL_WRITE_NAMED_ATTRS
+Ignored.
+.It Dv ACL_EXECUTE
+The process may execute the associated file.
+.It Dv ACL_DELETE_CHILD
+.It Dv ACL_READ_ATTRIBUTES
+.It Dv ACL_WRITE_ATTRIBUTES
+.It Dv ACL_DELETE
+.It Dv ACL_READ_ACL
+.It Dv ACL_WRITE_ACL
+.It Dv ACL_WRITE_OWNER
+.It Dv ACL_SYNCHRONIZE
+Ignored.
+.El
+.It Vt acl_entry_type_t Va ae_entry_type
+This field defines the type of NFSv4 ACL entry.
+It is not used with POSIX.1e ACLs.
+The following values are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
+.It Dv ACL_ENTRY_TYPE_ALLOW
+.It Dv ACL_ENTRY_TYPE_DENY
+.El
+.It Vt acl_flag_t Va ae_flags
+This field defines the inheritance flags of NFSv4 ACL entry.
+It is not used with POSIX.1e ACLs.
+The following values are valid:
+.Bl -tag -width ".Dv ACL_ENTRY_DIRECTORY_INHERIT"
+.It Dv ACL_ENTRY_FILE_INHERIT
+.It Dv ACL_ENTRY_DIRECTORY_INHERIT
+.It Dv ACL_ENRY_NO_PROPAGATE_INHERIT
+.It Dv ACL_ENTRY_INHERIT_ONLY
+.El
.El
.Sh SEE ALSO
.Xr acl 3 ,
More information about the svn-src-all
mailing list