getacl man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

getacl(1)							     getacl(1)

NAME
       getacl  - Displays the specified access control list (ACL) on a file of
       directory

SYNOPSIS
       getacl [-d  | -D] [-g group[,group...]] [-n] [-m]  [-u  user[,user...]]
       file...

OPTIONS
       Displays	 the  default  access ACL instead of the access ACL. Valid for
       directories only. The -d and -D options are mutually exclusive.	[Tru64
       UNIX]  Displays	the  default  directory ACL instead of the access ACL.
       Valid for directories only. The -d and -D options are  mutually	exclu‐
       sive.  [Tru64 UNIX]  Display the entries for the designated group names
       or GIDs only. If a numeric group name exists  in	 the  group  database,
       then  the entry for that group is displayed, not the entry for the GID.
       For example if there is a group name “521” with GID 40,	a  group  name
       “mygroup”  with	GID  521,  and	you request the entry using the -g 521
       option then the entry for the group name “521” is  displayed,  not  the
       entry  for  the	group  name “mygroup”. The -g option is not defined by
       POSIX.  [Tru64 UNIX]  Display the output in multicolumns. The -m option
       is  not	defined	 by POSIX.  [Tru64 UNIX]  Display numeric IDs.	The -n
       option is not defined by POSIX.	[Tru64 UNIX]  Display the entries  for
       the  designated user names and UIDs only. If a numeric user name exists
       in the user database, then the entry for that user  is  displayed,  not
       the entry for the UID. For example if there is a user name “39456” with
       UID 420, a user name “fred” with UID 39456, and you request  the	 entry
       using  the -u 39456 option then the entry for user name “39456” is dis‐
       played, not the entry for user name “fred”. The -u option may  be  used
       multiple times on the command line.

DESCRIPTION
					Note

       This command is based on Draft 13 of the POSIX P1003.6 standard.

       The  getacl  command displays the selected type of ACL for each file or
       directory named on the command line.

       The following three types of ACLs may be displayed:

       Access ACL	       Used to control access to a file or directory.
       Default directory ACL   Used to specify ACLs inherited by new  subdirecto‐
			       ries in a directory.  Valid on directories only.
       Default access ACL      Used  to	 specify ACLs inheried by new subdirecto‐
			       ries and files in a directory.  Valid on	 directo‐
			       ries only.

       For more information on the types of ACLs see the acl(4) reference page
       and the Security guide.

       If the access ACL is selected for display, and there is no access  ACL,
       the  getacl  command  displays  the permission bits in ACL format. If a
       default ACL is selected for  display,  and  the	selected  default  ACL
       doesn't	exist  on the specified directory, only the ACL header will be
       displayed.

       The user readable format of the ACL consists of the ACL header  section
       and  the	 entries section.  The ACL header section contains, at a mini‐
       mum, the following three lines:

       name of the object
       object owner
       group owner

       It may also contain blank comment lines or warning messages. Each  line
       of the ACL header section begins with a # character.

       The ACL entries section by default consists of one line per entry. Each
       line contains three colon-separated fields defined as:  The  ACL	 entry
       tag type (user/group/other).  The ACL entry tag qualifier.  This is the
       name or id that this entry pertains to.	If this	 field	is  empty  the
       entry  refers  to  the  owning user, owning group or other.  The access
       being granted by the entry.

       The output display format and relative ordering of ACL  entries	is  as
       follows:

	    user::perm
	    user:uid1:perm
	    user:uid2:perm
	    group::perm
	    group:gid1:perm
	    group:gid2:perm
	    other::perm

       The following are some typical getacl outputs: % getacl /ufs/test

       #  #  file:  /ufs/test  #  owner:  root	#  group:  system  # user::rwx
       user:fran:-wx user:adm:r-- group::r-x other::r-x

       % getacl -g adm /ufs/test

       # # file: /ufs/test # owner: root # group: system #

       % getacl -u adm /ufs/test

       # # file: /ufs/test # owner: root # group: system # user:adm:r--

       If any ACL entry is wider than the screen, the access control  list  is
       continued  on  the next line, indented to the previous line.  The width
       of the screen is taken from the COLUMNS environment  variable,  if  the
       variable is not set, the default width is 80 columns.

       The  -m option may be used to cause the ACL to be displayed in a multi‐
       column format. The user entries defined in the ACL are  placed  on  the
       screen  in the maximum number of columns allowed by the current size of
       the screen, followed by the group entries.

       The output from the getacl command is in the correct format  for	 input
       to  the	setacl command. The output may be redirected into a file, then
       the output file can be used as input to the setacl command. This	 tech‐
       nique  is  useful  for  assigning the ACL on an existing file to one or
       more new files. For example: $ getacl file1 > entries_file $ setacl  -U
       entries_file file2 file3 file4

       The  getacl  command  displays  the access control lists of those files
       that resides in directories that the user has search permissions to.

       ACLs may be set on files and directories if ACLs are  disabled  on  the
       system, but ACL access checks and ACL inheritance won't take place. The
       getacl command will print a warning if ACLs are disabled on the system.

       Not all types of filesystems support ACLs.   The	 getacl	 command  will
       print a warning if ACLs are not supported on the filesystem.

EXIT STATUS
       If  successful,	the getacl command exits with a status of zero. Other‐
       wise, this command exits with a status of 1 if it  aborted  because  of
       syntax  errors,	or  if	the  ACL  of  one  or  more files could not be
       accessed.

SEE ALSO
       Commands: setacl(1)

       Files: acl(4)

       Security

								     getacl(1)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net