ACL(3) BSD Library Functions Manual ACL(3)NAMEacl — introduction to the POSIX.1e ACL security API
LIBRARY
library “libposix1e”
SYNOPSIS
#include <sys/types.h>
#include <sys/acl.h>
DESCRIPTION
As shipped, DragonFly permits file systems to export Access Control Lists
via the VFS, and provides a library for userland access to and manipula‐
tion of these ACLs, but support for ACLs is not provided by any file sys‐
tems shipped in the base operating system. The library calls shipped
with 4.0 include routines to allocate, duplicate, retrieve, set, and val‐
idate ACLs associated with file objects. As well as the POSIX.1e rou‐
tines, there are a number of non-portable extensions defined that allow
for alternative ACL semantics than the POSIX.1e semantics, such as AFS,
NTFS, and NWFS semantics. Where routines are non-standard, they are suf‐
fixed with _np to indicate that they are not portable.
POSIX.1e describes a set of ACL manipulation routines to manage the con‐
tents of ACLs, as well as their relationships with files. This manipula‐
tion library is not currently implemented in DragonFly, although a third
party library was under development at the time this document was writ‐
ten. There is a general consensus that the POSIX.1e manipulation rou‐
tines are ambiguously defined in the specification, and don't meet the
needs of most applications. For the time being, applications may
directly manipulate the ACL structures, defined in <sys/acl.h>, although
the recommended usage is to only ever handle text-form ACLs in applica‐
tions, generated and maintained using acl_from_text() and acl_to_text(),
passed directly to and from the management routines. In this manner, an
application can remain safely unaware of the contents of ACLs.
Available functions, sorted by behavior, include:
acl_delete_def_file(), acl_delete_file_np(), acl_delete_fd_np()
These functions are described in acl_delete(3), and may be used to delete
ACLs from file system objects.
acl_free()
This function is described in acl_free(3), and may be used to free user‐
land working ACL storage.
acl_from_text()
This function is described in acl_from_text(3), and may be used to con‐
vert a text-form ACL into working ACL state, if the ACL has POSIX.1e
semantics.
acl_get_file(), acl_get_fd(), acl_get_fd_np()
These functions are described in acl_get(3), and may be used to retrieve
ACLs from file system objects.
acl_init()
This function is described in acl_init(3), and may be used to allocate a
fresh (empty) ACL structure.
acl_dup()
This function is described in acl_dup(3), and may be used to duplicate an
ACL structure.
acl_set_file(), acl_set_fd(), acl_set_fd_np()
These functions are described in acl_set(3), and may be used to assign an
ACL to a file system object.
acl_to_text()
This function is described in acl_to_text(3), and may be used to generate
a text-form of a POSIX.1e semantics ACL.
acl_valid(), acl_valid_file_np(), acl_valid_fd_np()
Thee functions are described in acl_valid(3), and may be used to validate
an ACL as correct POSIX.1e-semantics, or as appropriate for a particular
file system object regardless of semantics.
Documentation of the internal kernel interfaces backing these calls may
be found in acl(9). The syscalls between the internal interfaces and the
public library routines may change over time, and as such are not docu‐
mented. They are not intended to be called directly without going
through the library.
IMPLEMENTATION NOTES
DragonFly's support for POSIX.1e interfaces and features is still under
development at this time.
ENVIRONMENT
POSIX.1e assigns security labels to all objects, extending the security
functionality described in POSIX.1. These additional labels provide
fine-grained discretionary access control, fine-grained capabilities, and
labels necessary for mandatory access control. POSIX.2c describes a set
of userland utilities for manipulating these labels. These userland
utilities are not bundled with DragonFly so as to discourage their use in
the short term.
SEE ALSOacl(3), acl_dup(3), acl_free(3), acl_from_text(3), acl_get(3),
acl_set(3), acl_to_text(3), acl_valid(3), acl(9)STANDARDS
POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion of the draft
continues on the cross-platform POSIX.1e implementation mailing list. To
join this list, see the FreeBSD POSIX.1e implementation page for more
information.
HISTORY
POSIX.1e support was introduced in FreeBSD 4.0, and development contin‐
ues.
AUTHORS
Robert N M Watson
BUGS
These features are not yet fully implemented. In particular, the shipped
version of UFS/FFS does not support storage of additional security
labels, and so is unable to (easily) provide support for most of these
features.
BSD January 28, 2000 BSD