Add new constants to the acl(9) manual page.

2009-05-24 09:42:53 +00:00 · 2009-05-24 09:42:53 +00:00 · 3f8cd45f79
commit 3f8cd45f79
parent 63bde62e9a
1 changed files with 74 additions and 4 deletions
--- a/share/man/man9/acl.9
+++ b/share/man/man9/acl.9
@ -59,7 +59,9 @@ Currently, each ACL is represented in-kernel by a fixed-size
 structure, defined as follows:
 .Bd -literal -offset indent
 struct acl {
-        int                     acl_cnt;
+        unsigned int            acl_maxcnt;
+        unsigned int            acl_cnt;
+        int                     acl_spare[4];
        struct acl_entry        acl_entry[ACL_MAX_ENTRIES];
 };
 .Ed
@ -67,6 +69,10 @@ struct acl {
 An ACL is constructed from a fixed size array of ACL entries,
 each of which consists of a set of permissions, principal namespace,
 and principal identifier.
+In this implementation, the
+.Vt acl_maxcnt
+field is always set to
+.Dv ACL_MAX_ENTRIES .
 .Pp
 Each individual ACL entry is of the type
 .Vt acl_entry_t ,
@ -97,13 +103,20 @@ match the ACL entry qualifier.
 .It Dv ACL_MASK
 The maximum discretionary access rights that can be granted
 to a process in the file group class.
+This is only valid for POSIX.1e ACLs.
 .It Dv ACL_OTHER
 Discretionary access rights for processes not covered by any other ACL
 entry.
+This is only valid for POSIX.1e ACLs.
 .It Dv ACL_OTHER_OBJ
 Same as
 .Dv ACL_OTHER .
-Each ACL entry must contain exactly one
+.It Dv ACL_EVERYONE
+Discretionary access rights for all users.
+This is only valid for NFSv4 ACLs.
+.El
+.Pp
+Each POSIX.1e ACL must contain exactly one
 .Dv ACL_USER_OBJ ,
 one
 .Dv ACL_GROUP_OBJ ,
@ -117,13 +130,19 @@ or
 are present, then exactly one
 .Dv ACL_MASK
 entry should be present.
-.El
 .It Vt uid_t Va ae_id
 The ID of user for whom this ACL describes access permissions.
+For entries other than
+.Dv ACL_USER
+and
+.Dv ACL_GROUP ,
+this field should be set to
+.Dv ACL_UNDEFINED_ID .
 .It Vt acl_perm_t Va ae_perm
 This field defines what kind of access the process matching this ACL has
 for accessing the associated file.
-.Bl -tag -width ".Dv ACL_POSIX1E_BITS"
+For POSIX.1e ACLs, the following are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
 .It Dv ACL_EXECUTE
 The process may execute the associated file.
 .It Dv ACL_WRITE
@ -134,6 +153,57 @@ The process may read from the associated file.
 The process has no read, write or execute permissions
 to the associated file.
 .El
+.Pp
+For NFSv4 ACLs, the following are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
+.It Dv ACL_READ_DATA
+The process may read from the associated file.
+.It Dv ACL_LIST_DIRECTORY
+Same as
+.Dv ACL_READ_DATA .
+.It Dv ACL_WRITE_DATA
+The process may write to the associated file.
+.It Dv ACL_ADD_FILE
+Same as
+.Dv ACL_ACL_WRITE_DATA .
+.It Dv ACL_APPEND_DATA
+.It Dv ACL_ADD_SUBDIRECTORY
+Same as
+.Dv ACL_APPEND_DATA .
+.It Dv ACL_READ_NAMED_ATTRS
+Ignored.
+.It Dv ACL_WRITE_NAMED_ATTRS
+Ignored.
+.It Dv ACL_EXECUTE
+The process may execute the associated file.
+.It Dv ACL_DELETE_CHILD
+.It Dv ACL_READ_ATTRIBUTES
+.It Dv ACL_WRITE_ATTRIBUTES
+.It Dv ACL_DELETE
+.It Dv ACL_READ_ACL
+.It Dv ACL_WRITE_ACL
+.It Dv ACL_WRITE_OWNER
+.It Dv ACL_SYNCHRONIZE
+Ignored.
+.El
+.It Vt acl_entry_type_t Va ae_entry_type
+This field defines the type of NFSv4 ACL entry.
+It is not used with POSIX.1e ACLs.
+The following values are valid:
+.Bl -tag -width ".Dv ACL_WRITE_NAMED_ATTRS"
+.It Dv ACL_ENTRY_TYPE_ALLOW
+.It Dv ACL_ENTRY_TYPE_DENY
+.El
+.It Vt acl_flag_t Va ae_flags
+This field defines the inheritance flags of NFSv4 ACL entry.
+It is not used with POSIX.1e ACLs.
+The following values are valid:
+.Bl -tag -width ".Dv ACL_ENTRY_DIRECTORY_INHERIT"
+.It Dv ACL_ENTRY_FILE_INHERIT
+.It Dv ACL_ENTRY_DIRECTORY_INHERIT
+.It Dv ACL_ENRY_NO_PROPAGATE_INHERIT
+.It Dv ACL_ENTRY_INHERIT_ONLY
+.El
 .El
 .Sh SEE ALSO
 .Xr acl 3 ,