BSD 4_4_Lite2 development

[unix-history] / usr / share / man / cat3 / acl_check.0

ACL_CHECK(3)         BSD Programmer's Manual         ACL_CHECK(3)


N\bNA\bAM\bME\bE
      acl_canonicalize_principal,   acl_check,  acl_exact_match,
      acl_add, acl_delete, acl_initialize - access control  list
      routines

S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
      c\bcc\bc <\b<f\bfi\bil\ble\bes\bs>\b> -\b-l\bla\bac\bcl\bl -\b-l\blk\bkr\brb\bb

      #\b#i\bin\bnc\bcl\blu\bud\bde\be <\b<k\bkr\brb\bb.\b.h\bh>\b>

      a\bac\bcl\bl_\b_c\bca\ban\bno\bon\bni\bic\bca\bal\bli\biz\bze\be_\b_p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl(\b(p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl,\b, b\bbu\buf\bf)\b)
      c\bch\bha\bar\br *\b*p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl;\b;
      c\bch\bha\bar\br *\b*b\bbu\buf\bf;\b;

      a\bac\bcl\bl_\b_c\bch\bhe\bec\bck\bk(\b(a\bac\bcl\bl,\b, p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl)\b)
      c\bch\bha\bar\br *\b*a\bac\bcl\bl;\b;
      c\bch\bha\bar\br *\b*p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl;\b;

      a\bac\bcl\bl_\b_e\bex\bxa\bac\bct\bt_\b_m\bma\bat\btc\bch\bh(\b(a\bac\bcl\bl,\b, p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl)\b)
      c\bch\bha\bar\br *\b*a\bac\bcl\bl;\b;
      c\bch\bha\bar\br *\b*p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl;\b;

      a\bac\bcl\bl_\b_a\bad\bdd\bd(\b(a\bac\bcl\bl,\b, p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl)\b)
      c\bch\bha\bar\br *\b*a\bac\bcl\bl;\b;
      c\bch\bha\bar\br *\b*p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl;\b;

      a\bac\bcl\bl_\b_d\bde\bel\ble\bet\bte\be(\b(a\bac\bcl\bl,\b, p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl)\b)
      c\bch\bha\bar\br *\b*a\bac\bcl\bl;\b;
      c\bch\bha\bar\br *\b*p\bpr\bri\bin\bnc\bci\bip\bpa\bal\bl;\b;

      a\bac\bcl\bl_\b_i\bin\bni\bit\bti\bia\bal\bli\biz\bze\be(\b(a\bac\bcl\bl_\b_f\bfi\bil\ble\be,\b, m\bmo\bod\bde\be)\b)
      c\bch\bha\bar\br *\b*a\bac\bcl\bl_\b_f\bfi\bil\ble\be;\b;
      i\bin\bnt\bt m\bmo\bod\bde\be;\b;

D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
  I\bIn\bnt\btr\bro\bod\bdu\buc\bct\bti\bio\bon\bn
      An  access  control  list  (ACL)  is a list of principals,
      where each principal is represented by a text string which
      cannot contain whitespace.  The library allows application
      programs to refer to named access control  lists  to  test
      membership  and  to  atomically  add and delete principals
      using a natural and intuitive interface.  At present,  the
      names  of  access  control  lists  are required to be Unix
      filenames, and refer to human-readable Unix files; in  the
      future,  when  a  networked ACL server is implemented, the
      names may refer to a different namespace specific  to  the
      ACL service.


  P\bPr\bri\bin\bnc\bci\bip\bpa\bal\bl N\bNa\bam\bme\bes\bs
      Principal names have the form



MIT Project Athena     Kerberos Version 4.0                     1








ACL_CHECK(3)         BSD Programmer's Manual         ACL_CHECK(3)


           <name>[.<instance>][@<realm>]
      e.g.:
           asp
           asp.root
           asp@ATHENA.MIT.EDU
           asp.@ATHENA.MIT.EDU
           asp.root@ATHENA.MIT.EDU
      It is possible for principals to be underspecified.  If an
      instance is missing, it is assumed to be "".  If realm  is
      missing, it is assumed to be the local realm as determined
      by _\bk_\br_\bb_\b__\bg_\be_\bt_\b__\bl_\br_\be_\ba_\bl_\bm(3).  The canonical form contains all  of
      name, instance, and realm; the acl_add and acl_delete rou-
      tines will always leave the file in that form.  Note  that
      the  canonical  form  of  asp@ATHENA.MIT.EDU  is  actually
      asp.@ATHENA.MIT.EDU.

  R\bRo\bou\but\bti\bin\bne\bes\bs
      _\ba_\bc_\bl_\b__\bc_\ba_\bn_\bo_\bn_\bi_\bc_\ba_\bl_\bi_\bz_\be_\b__\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl stores the  canonical  form  of
      _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl  in _\bb_\bu_\bf.  _\bB_\bu_\bf must contain enough space to store
      a principal, given  the  limits  on  the  sizes  of  name,
      instance,  and  realm  specified as ANAME_SZ, INST_SZ, and
      REALM_SZ, respectively, in _\b/_\bu_\bs_\br_\b/_\bi_\bn_\bc_\bl_\bu_\bd_\be_\b/_\bk_\br_\bb_\b._\bh.

      _\ba_\bc_\bl_\b__\bc_\bh_\be_\bc_\bk returns nonzero if  _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl  appears  in  _\ba_\bc_\bl.
      Returns  0  if  principal does not appear in acl, or if an
      error occurs.  Canonicalizes  principal  before  checking,
      and  allows  the  ACL to contain wildcards.  The only sup-
      ported wildcards are entries  of  the  form  name.*@realm,
      *.*@realm,  and  *.*@*.  An asterisk matches any value for
      its component  field.   For  example,  "jtkohl.*@*"  would
      match principal jtkohl, with any instance and any realm.

      _\ba_\bc_\bl_\b__\be_\bx_\ba_\bc_\bt_\b__\bm_\ba_\bt_\bc_\bh  performs  like  _\ba_\bc_\bl_\b__\bc_\bh_\be_\bc_\bk,  but  does  no
      canonicalization or wildcard matching.

      _\ba_\bc_\bl_\b__\ba_\bd_\bd atomically adds _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl to _\ba_\bc_\bl.   Returns  0  if
      successful, nonzero otherwise.  It is considered a failure
      if _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl is already in _\ba_\bc_\bl.  This routine will canoni-
      calize _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl, but will treat wildcards literally.

      _\ba_\bc_\bl_\b__\bd_\be_\bl_\be_\bt_\be atomically deletes _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl from _\ba_\bc_\bl.  Returns
      0 if successful, nonzero otherwise.  It  is  considered  a
      failure  if _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl is not already in _\ba_\bc_\bl.  This routine
      will canonicalize _\bp_\br_\bi_\bn_\bc_\bi_\bp_\ba_\bl, but will treat wildcards lit-
      erally.

      _\ba_\bc_\bl_\b__\bi_\bn_\bi_\bt_\bi_\ba_\bl_\bi_\bz_\be initializes _\ba_\bc_\bl_\b__\bf_\bi_\bl_\be.  If the file _\ba_\bc_\bl_\b__\bf_\bi_\bl_\be
      does not exist, _\ba_\bc_\bl_\b__\bi_\bn_\bi_\bt_\bi_\ba_\bl_\bi_\bz_\be creates it with mode  _\bm_\bo_\bd_\be.
      If  the  file  _\ba_\bc_\bl_\b__\bf_\bi_\bl_\be exists, _\ba_\bc_\bl_\b__\bi_\bn_\bi_\bt_\bi_\ba_\bl_\bi_\bz_\be removes all
      members.  Returns  0  if  successful,  nonzero  otherwise.
      WARNING:  Mode  argument  is  likely  to  change  with the



MIT Project Athena     Kerberos Version 4.0                     2








ACL_CHECK(3)         BSD Programmer's Manual         ACL_CHECK(3)


      eventual introduction of an ACL service.

N\bNO\bOT\bTE\bES\bS
      In the presence of concurrency,  there  is  a  very  small
      chance  that  _\ba_\bc_\bl_\b__\ba_\bd_\bd  or  _\ba_\bc_\bl_\b__\bd_\be_\bl_\be_\bt_\be could report success
      even though it would have had no effect.  This is a neces-
      sary  side effect of using lock files for concurrency con-
      trol rather than flock(2), which is not supported by  NFS.

      The  current  implementation  caches  ACLs  in memory in a
      hash-table format for  increased  efficiency  in  checking
      membership;  one  effect of the caching scheme is that one
      file descriptor will be kept open for each ACL cached,  up
      to a maximum of 8.

S\bSE\bEE\bE A\bAL\bLS\bSO\bO
      kerberos(3), krb_get_lrealm(3)

A\bAU\bUT\bTH\bHO\bOR\bR
      James Aspnes (MIT Project Athena)


































MIT Project Athena     Kerberos Version 4.0                     3