Site Navigation

FreeBSD Man Pages

Man Page or Keyword Search:
Man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines 4 - Special Files 5 - File Formats 6 - Games 7 - Macros and Conventions 8 - Maintenance Commands 9 - Kernel Interface n - New Commands 2.8 BSD 2.9.1 BSD 2.10 BSD 2.11 BSD 4.3BSD NET/2 4.3BSD Reno 4.4BSD Lite2 386BSD 0.0 386BSD 0.1 CentOS 5.6 CentOS 5.7 CentOS 5.8 CentOS 5.9 CentOS 5.10 CentOS 5.11 CentOS 6.0 CentOS 6.1 CentOS 6.2 CentOS 6.3 CentOS 6.4 CentOS 6.5 CentOS 6.6 CentOS 7.0 CentOS 7.1 CentOS Linux/i386 3.9 CentOS Linux/i386 4.8 CentOS Linux/i386 5.4 CentOS Linux/i386 5.5 Darwin 1.3.1/x86 Darwin 1.4.1/x86 Darwin 6.0.2/x86 Darwin 7.0.1 Darwin 8.0.1/ppc Debian 2.2.7 Debian 3.1.8 Debian 4.0.9 Debian 5.0.10 Debian 6.0.10 Debian 7.8.0 Debian 8.1.0 FreeBSD 1.0-RELEASE FreeBSD 1.1-RELEASE FreeBSD 1.1.5.1-RELEASE FreeBSD 2.0-RELEASE FreeBSD 2.0.5-RELEASE FreeBSD 2.1.0-RELEASE FreeBSD 2.1.5-RELEASE FreeBSD 2.1.6.1-RELEASE FreeBSD 2.1.7.1-RELEASE FreeBSD 2.2.1-RELEASE FreeBSD 2.2.2-RELEASE FreeBSD 2.2.5-RELEASE FreeBSD 2.2.6-RELEASE FreeBSD 2.2.7-RELEASE FreeBSD 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE and Ports FreeBSD 3.0-RELEASE FreeBSD 3.1-RELEASE FreeBSD 3.2-RELEASE FreeBSD 3.3-RELEASE FreeBSD 3.4-RELEASE FreeBSD 3.4-RELEASE and Ports FreeBSD 3.5-RELEASE and Ports FreeBSD 3.5.1-RELEASE FreeBSD 3.5.1-RELEASE and Ports FreeBSD 4.0-RELEASE FreeBSD 4.1-RELEASE FreeBSD 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE and Ports FreeBSD 4.2-RELEASE FreeBSD 4.2-RELEASE and Ports FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE and Ports FreeBSD 4.4-RELEASE FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE and Ports FreeBSD 4.6-RELEASE FreeBSD 4.6-RELEASE and Ports FreeBSD 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE and Ports FreeBSD 4.7-RELEASE FreeBSD 4.8-RELEASE FreeBSD 4.8-RELEASE and Ports FreeBSD 4.9-RELEASE FreeBSD 4.9-RELEASE and Ports FreeBSD 4.10-RELEASE FreeBSD 4.10-RELEASE and Ports FreeBSD 4.11-RELEASE FreeBSD 4.11-RELEASE and Ports FreeBSD 5.0-RELEASE FreeBSD 5.1-RELEASE FreeBSD 5.2-RELEASE FreeBSD 5.2-RELEASE and Ports FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE and Ports FreeBSD 5.3-RELEASE FreeBSD 5.3-RELEASE and Ports FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE and Ports FreeBSD 5.5-RELEASE FreeBSD 5.5-RELEASE and Ports FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE and Ports FreeBSD 6.1-RELEASE FreeBSD 6.2-RELEASE FreeBSD 6.3-RELEASE FreeBSD 6.3-RELEASE and Ports FreeBSD 6.4-RELEASE FreeBSD 6.4-RELEASE and Ports FreeBSD 6.4-stable FreeBSD 7.0-RELEASE FreeBSD 7.1-RELEASE FreeBSD 7.1-RELEASE and Ports FreeBSD 7.2-RELEASE FreeBSD 7.2-RELEASE and Ports FreeBSD 7.3-RELEASE FreeBSD 7.3-RELEASE and Ports FreeBSD 7.4-RELEASE FreeBSD 7.4-RELEASE and Ports FreeBSD 7.4-stable FreeBSD 8.0-RELEASE FreeBSD 8.0-RELEASE and Ports FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE and Ports FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE and Ports FreeBSD 8.3-RELEASE FreeBSD 8.3-RELEASE and Ports FreeBSD 8.4-RELEASE FreeBSD 8.4-RELEASE and Ports FreeBSD 8.4-stable FreeBSD 9.0-RELEASE FreeBSD 9.0-RELEASE and Ports FreeBSD 9.1-RELEASE FreeBSD 9.1-RELEASE and Ports FreeBSD 9.2-RELEASE FreeBSD 9.2-RELEASE and Ports FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE and Ports FreeBSD 9.3-stable FreeBSD 10.0-RELEASE FreeBSD 10.0-RELEASE and Ports FreeBSD 10.1-RELEASE FreeBSD 10.1-RELEASE and Ports FreeBSD 10.2-RELEASE FreeBSD 10.2-RELEASE and Ports FreeBSD 10.2-stable FreeBSD 10.3-RELEASE FreeBSD 10.3-RELEASE and Ports FreeBSD 11-current FreeBSD 11.0-RELEASE FreeBSD 11.0-stable FreeBSD 12-current FreeBSD Ports 2.2.8-RELEASE FreeBSD Ports 3.4-RELEASE FreeBSD Ports 3.5-RELEASE FreeBSD Ports 3.5.1-RELEASE FreeBSD Ports 4.1.1-RELEASE FreeBSD Ports 4.2-RELEASE FreeBSD Ports 4.3-RELEASE FreeBSD Ports 4.5-RELEASE FreeBSD Ports 4.6-RELEASE FreeBSD Ports 4.6.2-RELEASE FreeBSD Ports 4.7-RELEASE FreeBSD Ports 4.8-RELEASE FreeBSD Ports 4.9-RELEASE FreeBSD Ports 4.10-RELEASE FreeBSD Ports 4.11-RELEASE FreeBSD Ports 5.1-RELEASE FreeBSD Ports 5.2-RELEASE FreeBSD Ports 5.2.1-RELEASE FreeBSD Ports 5.3-RELEASE FreeBSD Ports 5.4-RELEASE FreeBSD Ports 5.5-RELEASE FreeBSD Ports 6.0-RELEASE FreeBSD Ports 6.2-RELEASE FreeBSD Ports 6.3-RELEASE FreeBSD Ports 6.4-RELEASE FreeBSD Ports 7.0-RELEASE FreeBSD Ports 7.1-RELEASE FreeBSD Ports 7.2-RELEASE FreeBSD Ports 7.3-RELEASE FreeBSD Ports 7.4-RELEASE FreeBSD Ports 8.0-RELEASE FreeBSD Ports 8.1-RELEASE FreeBSD Ports 8.2-RELEASE FreeBSD Ports 8.3-RELEASE FreeBSD Ports 8.4-RELEASE FreeBSD Ports 9.0-RELEASE FreeBSD Ports 9.1-RELEASE FreeBSD Ports 9.2-RELEASE FreeBSD Ports 9.3-RELEASE FreeBSD Ports 10.0-RELEASE FreeBSD Ports 10.1-RELEASE FreeBSD Ports 10.2-RELEASE FreeBSD Ports 10.3-RELEASE HP-UX 10.01 HP-UX 10.10 HP-UX 10.20 HP-UX 11.00 HP-UX 11.11 HP-UX 11.20 HP-UX 11.22 Linux Slackware 3.1 Minix 2.0 NetBSD 1.0 NetBSD 1.1 NetBSD 1.2 NetBSD 1.2.1 NetBSD 1.3 NetBSD 1.3.1 NetBSD 1.3.2 NetBSD 1.3.3 NetBSD 1.4 NetBSD 1.4.1 NetBSD 1.4.2 NetBSD 1.4.3 NetBSD 1.5 NetBSD 1.5.1 NetBSD 1.5.2 NetBSD 1.5.3 NetBSD 1.6 NetBSD 1.6.1 NetBSD 1.6.2 NetBSD 2.0 NetBSD 2.0.2 NetBSD 2.1 NetBSD 3.0 NetBSD 3.1 NetBSD 4.0 NetBSD 4.0.1 NetBSD 5.0 NetBSD 5.1 NetBSD 6.0 NetBSD 6.1.5 NetBSD 7.0 OpenBSD 2.0 OpenBSD 2.1 OpenBSD 2.2 OpenBSD 2.3 OpenBSD 2.4 OpenBSD 2.5 OpenBSD 2.6 OpenBSD 2.7 OpenBSD 2.8 OpenBSD 2.9 OpenBSD 3.0 OpenBSD 3.1 OpenBSD 3.2 OpenBSD 3.3 OpenBSD 3.4 OpenBSD 3.5 OpenBSD 3.6 OpenBSD 3.7 OpenBSD 3.8 OpenBSD 3.9 OpenBSD 4.0 OpenBSD 4.1 OpenBSD 4.2 OpenBSD 4.3 OpenBSD 4.4 OpenBSD 4.5 OpenBSD 4.6 OpenBSD 4.7 OpenBSD 4.8 OpenBSD 4.9 OpenBSD 5.0 OpenBSD 5.1 OpenBSD 5.2 OpenBSD 5.3 OpenBSD 5.4 OpenBSD 5.5 OpenBSD 5.6 OpenBSD 5.7 OpenBSD 5.8 OpenDarwin 6.6.1/x86 OpenDarwin 6.6.2/x86 OpenDarwin 7.2.1 OpenDarwin 20030208pre4/ppc OSF1 V4.0/alpha OSF1 V5.1/alpha Plan 9 Red Hat Linux/i386 4.2 Red Hat Linux/i386 5.0 Red Hat Linux/i386 5.2 Red Hat Linux/i386 6.1 Red Hat Linux/i386 6.2 Red Hat Linux/i386 7.0 Red Hat Linux/i386 7.1 Red Hat Linux/i386 7.2 Red Hat Linux/i386 7.3 Red Hat Linux/i386 8.0 Red Hat Linux/i386 9 SunOS 4.1.3 SunOS 5.5.1 SunOS 5.6 SunOS 5.7 SunOS 5.8 SunOS 5.9 SunOS 5.10 SuSE Linux/i386 4.3 SuSE Linux/i386 5.0 SuSE Linux/i386 5.2 SuSE Linux/i386 5.3 SuSE Linux/i386 6.0 SuSE Linux/i386 6.1 SuSE Linux/i386 6.3 SuSE Linux/i386 6.4 SuSE Linux/i386 7.0 SuSE Linux/i386 7.1 SuSE Linux/i386 7.2 SuSE Linux/i386 7.3 SuSE Linux/i386 8.0 SuSE Linux/i386 8.1 SuSE Linux/i386 8.2 SuSE Linux/i386 9.2 SuSE Linux/i386 9.3 SuSE Linux/i386 10.0 SuSE Linux/i386 10.1 SuSE Linux/i386 10.2 SuSE Linux/i386 10.3 SuSE Linux/i386 11.0 SuSE Linux/i386 11.1 SuSE Linux/i386 11.2 SuSE Linux/i386 11.3 SuSE Linux/i386 ES 10 SP1 ULTRIX 4.2 Unix Seventh Edition X11R6.7.0 X11R6.8.2 X11R6.9.0 X11R7.2 X11R7.3.2 X11R7.4 XFree86 2.1 XFree86 3.3 XFree86 3.3.6 XFree86 4.0 XFree86 4.0.1 XFree86 4.0.2 XFree86 4.1.0 XFree86 4.2.0 XFree86 4.2.99.3 XFree86 4.3.0 XFree86 4.4.0 XFree86 4.5.0 XFree86 4.6.0 XFree86 4.7.0 default i386 Architecture
Apropos Keyword Search (all sections) html pdf ascii Output format

home | help

---

ACL(9)                 FreeBSD Kernel Developer's Manual                ACL(9)

NAME
     acl - virtual file system access control lists

SYNOPSIS
     #include <sys/param.h>
     #include <sys/vnode.h>
     #include <sys/acl.h>

     In the kernel configuration file:
     options UFS_ACL

DESCRIPTION
     Access control lists, or ACLs, allow fine-grained specification of rights
     for vnodes representing files and directories.  However, as there are a
     plethora of file systems with differing ACL semantics, the vnode
     interface is aware only of the syntax of ACLs, relying on the underlying
     file system to implement the details.  Depending on the underlying file
     system, each file or directory may have zero or more ACLs associated with
     it, named using the type field of the appropriate vnode ACL calls:
     VOP_ACLCHECK(9), VOP_GETACL(9), and VOP_SETACL(9).

     Currently, each ACL is represented in-kernel by a fixed-size acl
     structure, defined as follows:

           struct acl {
                   int                     acl_cnt;
                   struct acl_entry        acl_entry[ACL_MAX_ENTRIES];
           };

     An ACL is constructed from a fixed size array of ACL entries, each of
     which consists of a set of permissions, principal namespace, and
     principal identifier.

     Each individual ACL entry is of the type acl_entry_t, which is a
     structure with the following members:

     acl_tag_t ae_tag
         The following is a list of definitions of ACL types to be set in
         ae_tag:

               ACL_UNDEFINED_FIELD      Undefined ACL type.
               ACL_USER_OBJ             Discretionary access rights for
                                        processes whose effective user ID
                                        matches the user ID of the file's
                                        owner.
               ACL_USER                 Discretionary access rights for
                                        processes whose effective user ID
                                        matches the ACL entry qualifier.
               ACL_GROUP_OBJ            Discretionary access rights for
                                        processes whose effective group ID or
                                        any supplemental groups match the
                                        group ID of the file's owner.
               ACL_GROUP                Discretionary access rights for
                                        processes whose effective group ID or
                                        any supplemental groups match the ACL
                                        entry qualifier.
               ACL_MASK                 The maximum discretionary access
                                        rights that can be granted to a
                                        process in the file group class.
               ACL_OTHER                Discretionary access rights for
                                        processes not covered by any other ACL
                                        entry.
               ACL_OTHER_OBJ            Same as ACL_OTHER.  Each ACL entry
                                        must contain exactly one ACL_USER_OBJ,
                                        one ACL_GROUP_OBJ, and one ACL_OTHER.
                                        If any of ACL_USER, ACL_GROUP, or
                                        ACL_OTHER are present, then exactly
                                        one ACL_MASK entry should be present.

     uid_t ae_id
         The ID of user for whom this ACL describes access permissions.

     acl_perm_t ae_perm
         This field defines what kind of access the process matching this ACL
         has for accessing the associated file.

         ACL_EXECUTE           The process may execute the associated file.

         ACL_WRITE             The process may write to the associated file.

         ACL_READ              The process may read from the associated file.

         ACL_PERM_NONE         The process has no read, write or execute
                               permissions to the associated file.

IMPLEMENTATION NOTES
     typedef mode_t  *acl_permset_t;

     /* internal ACL structure */
     struct acl {
             int                     acl_cnt;
             struct acl_entry        acl_entry[ACL_MAX_ENTRIES];
     };

     /* external ACL structure */
     struct acl_t_struct {
             struct acl              ats_acl;
             int                     ats_cur_entry;
     };
     typedef struct acl_t_struct *acl_t;

     /*
      * Possible valid values for ae_tag field.
      */
     #define ACL_UNDEFINED_TAG       0x00000000
     #define ACL_USER_OBJ            0x00000001
     #define ACL_USER                0x00000002
     #define ACL_GROUP_OBJ           0x00000004
     #define ACL_GROUP               0x00000008
     #define ACL_MASK                0x00000010
     #define ACL_OTHER               0x00000020
     #define ACL_OTHER_OBJ           ACL_OTHER

     /*
      * Possible valid values for acl_type_t arguments.
      */
     #define ACL_TYPE_ACCESS         0x00000000
     #define ACL_TYPE_DEFAULT        0x00000001
     #define ACL_TYPE_AFS            0x00000002
     #define ACL_TYPE_CODA           0x00000003
     #define ACL_TYPE_NTFS           0x00000004
     #define ACL_TYPE_NWFS           0x00000005

     /*
      * Possible flags in ae_perm field.
      */
     #define ACL_EXECUTE             0x0001
     #define ACL_WRITE               0x0002
     #define ACL_READ                0x0004
     #define ACL_PERM_NONE           0x0000
     #define ACL_PERM_BITS           (ACL_EXECUTE | ACL_WRITE | ACL_READ)
     #define ACL_POSIX1E_BITS        (ACL_EXECUTE | ACL_WRITE | ACL_READ)

     /*
      * Possible entry_id values for acl_get_entry()
      */
     #define ACL_FIRST_ENTRY         0
     #define ACL_NEXT_ENTRY          1

     /*
      * Undefined value in ae_id field
      */
     #define ACL_UNDEFINED_ID        ((uid_t)-1)

SEE ALSO
     acl(3), vaccess_acl_posix1e(9), VFS(9), vnaccess(9), VOP_ACLCHECK(9),
     VOP_GETACL(9), VOP_SETACL(9)

AUTHORS
     This manual page was written by Robert Watson.

FreeBSD 11.0-PRERELEASE        December 23, 1999       FreeBSD 11.0-PRERELEASE

---

NAME | SYNOPSIS | DESCRIPTION | IMPLEMENTATION NOTES | SEE ALSO | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=acl&sektion=9&manpath=FreeBSD+6.1-RELEASE>

home | help

---

Legal Notices | © 1995-2016 The FreeBSD Project. All rights reserved.

Contact