ACL_CHECK(3)              BSD Programmer's Manual              ACL_CHECK(3)

NAME
       acl_canonicalize_principal, acl_check, acl_exact_match, acl_add,
       acl_delete, acl_initialize - access control list routines

SYNOPSIS
       cc <> -lacl -lkrb

       #include <>

       acl_canonicalize_principal(principal, buf)
       char *principal;
       char *buf;

       acl_check(acl, principal)
       char *acl;
       char *principal;

       acl_exact_match(acl, principal)
       char *acl;
       char *principal;

       acl_add(acl, principal)
       char *acl;
       char *principal;

       acl_delete(acl, principal)
       char *acl;
       char *principal;

       acl_initialize(acl_file, mode)
       char *acl_file;
       int mode;

DESCRIPTION
   Introduction
       An access control list (ACL) is a list of principals, where each
       principal is represented by a text string which cannot contain
       whitespace. The library allows application programs to refer to
       named access control lists to test membership and to atomically
       add and delete principals using a natural and intuitive
       interface. At present, the names of access control lists are
       required to be Unix filenames, and refer to human-readable Unix
       files; in the future, when a networked ACL server is implemented,
       the names may refer to a different namespace specific to the ACL
       service.

   Principal Names
       Principal names have the form

              [.][@]

       e.g.:

              asp
              asp.root
              asp@ATHENA.MIT.EDU
              asp.@ATHENA.MIT.EDU
              asp.root@ATHENA.MIT.EDU

       It is possible for principals to be underspecified. If an
       instance is missing, it is assumed to be "". If realm is missing,
       it is assumed to be the local realm as determined by
       krb_get_lrealm(3).
       The canonical form contains all of name, instance, and realm; the
       acl_add and acl_delete routines will always leave the file in
       that form. Note that the canonical form of asp@ATHENA.MIT.EDU is
       actually asp.@ATHENA.MIT.EDU.

   Routines
       acl_canonicalize_principal stores the canonical form of principal
       in buf. Buf must contain enough space to store a principal, given
       the limits on the sizes of name, instance, and realm specified as
       ANAME_SZ, INST_SZ, and REALM_SZ, respectively, in
       /usr/include/krb.h.

       acl_check returns nonzero if principal appears in acl. Returns 0
       if principal does not appear in acl, or if an error occurs.
       Canonicalizes principal before checking, and allows the ACL to
       contain wildcards. The only supported wildcards are entries of
       the form name.*@realm, *.*@realm, and *.*@*. An asterisk matches
       any value for its component field. For example, "jtkohl.*@*"
       would match principal jtkohl, with any instance and any realm.

       acl_exact_match performs like acl_check, but does no
       canonicalization or wildcard matching.

       acl_add atomically adds principal to acl. Returns 0 if
       successful, nonzero otherwise. It is considered a failure if
       principal is already in acl. This routine will canonicalize
       principal, but will treat wildcards literally.

       acl_delete atomically deletes principal from acl. Returns 0 if
       successful, nonzero otherwise. It is considered a failure if
       principal is not already in acl. This routine will canonicalize
       principal, but will treat wildcards literally.

       acl_initialize initializes acl_file. If the file acl_file does
       not exist, acl_initialize creates it with mode mode. If the file
       acl_file exists, acl_initialize removes all members. Returns 0 if
       successful, nonzero otherwise.
       WARNING: Mode argument is likely to change with the eventual
       introduction of an ACL service.

NOTES
       In the presence of concurrency, there is a very small chance that
       acl_add or acl_delete could report success even though it would
       have had no effect. This is a necessary side effect of using lock
       files for concurrency control rather than flock(2), which is not
       supported by NFS.

       The current implementation caches ACLs in memory in a hash-table
       format for increased efficiency in checking membership; one
       effect of the caching scheme is that one file descriptor will be
       kept open for each ACL cached, up to a maximum of 8.

SEE ALSO
       kerberos(3), krb_get_lrealm(3)

AUTHOR
       James Aspnes (MIT Project Athena)

MIT Project Athena          Kerberos Version 4.0
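
The canonicalization and wildcard rules described under Principal Names and Routines, written out as an added example; this is not the library's source and does not call the library. The function names, the 40-byte field limits, and the choice to apply the asterisk rule per field (so that the "jtkohl.*@*" case above matches) are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed limits for this example; real code takes them from krb.h. */
#define ANAME_SZ 40
#define INST_SZ  40
#define REALM_SZ 40
#define PRINC_SZ (ANAME_SZ + INST_SZ + REALM_SZ + 3)
/* An asterisk in an ACL entry field matches any value for that field. */
#define FIELD_OK(pat, val) (!strcmp(pat, "*") || !strcmp(pat, val))

/* Split name[.instance][@realm] into bounded fields; -1 if malformed. */
static int split(const char *p, char *n, char *i, char *r)
{
    const char *at = strchr(p, '@');
    size_t head = at ? (size_t)(at - p) : strlen(p);
    const char *dot = memchr(p, '.', head);  /* dots in the realm don't count */
    size_t nlen = dot ? (size_t)(dot - p) : head;
    size_t ilen = dot ? head - nlen - 1 : 0;
    size_t rlen = at ? strlen(at + 1) : 0;
    if (strpbrk(p, " \t\n") || nlen == 0 || nlen >= ANAME_SZ ||
        ilen >= INST_SZ || rlen >= REALM_SZ)
        return -1;                           /* whitespace or oversize field */
    memcpy(n, p, nlen);                   n[nlen] = '\0';
    memcpy(i, dot ? dot + 1 : "", ilen);  i[ilen] = '\0';
    memcpy(r, at ? at + 1 : "", rlen);    r[rlen] = '\0';
    return 0;
}

/* Store name.instance@realm in buf (PRINC_SZ bytes); missing realm -> local. */
int canonicalize(const char *p, const char *local, char *buf)
{
    char n[ANAME_SZ], i[INST_SZ], r[REALM_SZ];
    if (split(p, n, i, r) != 0 || strlen(local) >= REALM_SZ)
        return -1;
    snprintf(buf, PRINC_SZ, "%s.%s@%s", n, i, r[0] ? r : local);
    return 0;
}

/* Nonzero if one ACL entry admits the principal, canonicalized first. */
int entry_matches(const char *entry, const char *principal, const char *local)
{
    char c[PRINC_SZ], en[ANAME_SZ], ei[INST_SZ], er[REALM_SZ];
    char n[ANAME_SZ], i[INST_SZ], r[REALM_SZ];
    if (canonicalize(principal, local, c) != 0 || split(c, n, i, r) != 0 ||
        split(entry, en, ei, er) != 0)
        return 0;
    return FIELD_OK(en, n) && FIELD_OK(ei, i) && FIELD_OK(er, r);
}
```

A plain string comparison of "asp@ATHENA.MIT.EDU" against the stored "asp.@ATHENA.MIT.EDU" fails, which is why an exact-match lookup needs its argument already in canonical form.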