Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
getaccess(1)		    General Commands Manual		  getaccess(1)

       getaccess - list	access rights to file(s)

       user] user] group[,group]...] file ...

       file ...

       lists for the specified files the effective access rights of the	caller
       (that is, for their effective user ID, effective	group ID, and  supple-
       mentary groups list).  By default, the command prints a symbolic	repre-
       sentation of the	user's access rights to	the named file:	or for read/no
       read,  or for write/no write, and or for	execute/no execute (for	direc-
       tories, search/no search), followed by the file name.

       recognizes the following	options	and command-line arguments:

	      List access for the given	user instead of	the caller.
			     A user can	be a known user	name, a	valid ID  num-
			     ber,  or @, representing the file's owner ID.  If
			     information about	more  than  one	 file  is  re-
			     quested, the value	of @ can differ	for each.

			     This  option  sets	 the user ID only.  The	access
			     check is made with	the caller's  effective	 group
			     ID	 and  supplementary  group  IDs	unless is also

	      List access for the given	group(s) instead of the	 caller's  ef-
	      fective group
			     ID	and supplementary groups list.	A group	can be
			     a known group name, a valid ID number, or @, rep-
			     resenting	the  file's  group ID.	If information
			     about more	than one file is requested, the	 value
			     of	@ can differ for each.

	      List access using	the caller's real user
			     ID,  group	ID, and	supplementary groups list, in-
			     stead of effective	ID values.

	      List access rights numerically
			     (octal digits instead of for each file requested.
			     The bit values and	are defined in the file

       Checking	 access	 using access control lists is described in acl(5) and

       In addition, the	write bit is cleared for files on read-only file  sys-
       tems  or	 shared-text  programs being executed.	The execute bit	is not
       turned off for shared-text programs open	for writing because it is  not
       possible	 to ascertain whether a	file open for writing is a shared-text

       Processes with appropriate privileges have read and write access	to all
       files.	However,  write	 access	 is denied for files on	read-only file
       systems or shared-text programs being executed.	Execute	access is  al-
       lowed  if and only if the file is not a regular file or the execute bit
       is set in any of	the file's ACL entries.

       To use successfully, the	caller must have search	access in every	direc-
       tory  component	of  the	path name of the file.	verifies search	access
       first by	using the caller's effective IDs, regardless of	the  user  and
       group  IDs  specified.	This  is  distinct  from the case in which the
       caller can search the path but  the  user  for  whom  access  is	 being
       checked does not	have access to the file.

       Note:  a	file name argument of has no special meaning (such as standard
       input) to

   Environment Variables
       determines the language in which	messages are displayed.

       If is not specified or is set to	the empty string,  a  default  of  "C"
       (see  lang(5))  is used instead of If any internationalization variable
       contains	an invalid setting, behaves  as	 if  all  internationalization
       variables are set to "C".  See environ(5).

       returns one of the following values:

	      0	   Successful completion.

	      1	   was	invoked	 incorrectly or	encountered an unknown user or
		   group name.	An appropriate message is printed to  standard

	      2	   A  file  is	nonexistent  or	 unreachable  (by the caller).
		   prints an appropriate message to standard error, continues,
		   then	returns	a value	of 2 upon completion.

       The  following command prints the caller's access rights	to file1 using
       the file's group	ID instead of the  caller's  effective	group  ID  and
       groups list.

       Here's  how  to	check access by	user in	groups and to all files	in the
       current directory, with access rights expressed as octal	values.

       Here's how to list access rights	for all	files under

       was developed by	HP.

       chacl(1), getacl(1), lsacl(1), setacl(1), getaccess(2), glossary(9).



Want to link to this manual page? Use this URL:

home | help