getfacl man page on Solaris

Man page or keyword search:  
man Server   20652 pages
apropos Keyword Search (all sections)
Output format
Solaris logo
[printable version]

getfacl(1)			 User Commands			    getfacl(1)

NAME
       getfacl - display discretionary file information

SYNOPSIS
       getfacl [-ad] file...

DESCRIPTION
       For  each argument that is a regular file, special file, or named pipe,
       the getfacl utility displays the owner, the group, and the Access  Con‐
       trol  List  (ACL).   For	 each directory argument, getfacl displays the
       owner, the group, and the ACL and/or the default ACL. Only  directories
       contain default ACLs.

       The getfacl utility may be executed on a file system that does not sup‐
       port ACLs. It reports the ACL based on the base permission bits.

       With no options specified, getfacl  displays  the  filename,  the  file
       owner,  the  file group owner, and both the ACL and the default ACL, if
       it exists.

OPTIONS
       The following options are supported:

       -a	Displays the filename, the file owner, the file	 group	owner,
		and the ACL of the file.

       -d	Displays  the  filename, the file owner, the file group owner,
		and the default ACL of the file, if it exists.

OPERANDS
       The following operands are supported:

       file	The path name of a regular file, special file, or named pipe.

OUTPUT
       The format for ACL output is as follows:

       # file: filename
       # owner: uid
       # group: gid
       user::perm
       user:uid:perm
       group::perm
       group:gid:perm
       mask:perm
       other:perm
       default:user::perm
       default:user:uid:perm
       default:group::perm
       default:group:gid:perm
       default:mask:perm
       default:other:perm

       When multiple files are specified on the command	 line,	a  blank  line
       separates the ACLs for each file.

       The  ACL entries are displayed in the order in which they are evaluated
       when an access check is performed. The default  ACL  entries  that  may
       exist on a directory have no effect on access checks.

       The  first  three  lines	 display the filename, the file owner, and the
       file group owner. Notice that when only the -d option is specified  and
       the file has no default ACL, only these three lines are displayed.

       The  user  entry	 without a user ID indicates the permissions that  are
       granted to the file owner. One or more additional user entries indicate
       the permissions that are granted to the specified users.

       The  group entry without a group ID indicates the permissions that  are
       granted to the file group owner. One or more additional	group  entries
       indicate the permissions that  are granted to the specified groups.

       The  mask entry indicates the ACL mask permissions. These are the maxi‐
       mum permissions allowed to any user entries except the file owner,  and
       to any group entries, including the file group owner. These permissions
       restrict the permissions specified in other entries.

       The other entry indicates the permissions that are granted to others.

       The default entries may exist only for directories. These entries indi‐
       cate  the  default  entries that are added to a file created within the
       directory.

       The uid is a login name or a user ID if there is no entry for  the  uid
       in  the system password file, /etc/passwd. The gid is a group name or a
       group ID if there is no entry for the gid in  the  system  group	 file,
       /etc/group.  The	 perm is a three character string composed of the let‐
       ters representing the separate discretionary access rights: r (read), w
       (write),	 x (execute/search), or the place holder character −. The perm
       is displayed in the following  order:  rwx.  If	a  permission  is  not
       granted by an ACL entry, the place holder character appears.

       If  you use the chmod(1) command to change the file group owner permis‐
       sions on a file with ACL entries, both the file group owner permissions
       and  the ACL mask are changed to the new permissions. Be aware that the
       new ACL mask permissions may change the effective permissions for addi‐
       tional users and groups who have ACL entries on the file.

       In order to indicate that the ACL mask  restricts an ACL entry, getfacl
       displays an additional tab character, pound sign (#),  and  the	actual
       permissions granted, following the entry.

EXAMPLES
       Example 1: Displaying file information

       Given file foo, with an ACL six entries long, the command

       host% getfacl foo

       would print:

       # file: foo
       # owner: shea
       # group: staff
       user::rwx
       user:spy:−−−
       user:mookie:r−−
       group::r−−
       mask::rw−
       other::−−−

       Example 2: Displaying information after chmod command

       Continue with the above example, after chmod 700 foo was issued:

       host% getfacl foo

       would print:

       # file: foo
       # owner: shea
       # group: staff
       user::rwx
       user:spy:−−−
       user:mookie:r−−	   #effective:−−−
       group::−−−
       mask::−−−
       other::−−−

       Example 3: Displaying information when ACL contains default entries

       Given  directory	 doo, with an ACL containing default entries, the com‐
       mand

       host% getfacl -d doo

       would print:

       # file: doo
       # owner: shea
       # group: staff
       default:user::rwx
       default:user:spy:−−−
       default:user:mookie:r−−
       default:group::r−−
       default:mask::−−−
       default:other::−−−

FILES
       /etc/passwd     system password file

       /etc/group      group file

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWcsu			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Interface Stability	     │Evolving			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       chmod(1),   ls(1),   setfacl(1),	  acl(2),   aclsort(3SEC),   group(4),
       passwd(4), attributes(5)

NOTES
       The  output from getfacl is in the correct format for input to the set‐
       facl -f command. If the output from getfacl is redirected  to  a	 file,
       the  file may be used as input to setfacl. In this way, a user may eas‐
       ily assign one file's ACL to another file.

SunOS 5.10			  5 Nov 1994			    getfacl(1)
[top]

List of man pages available for Solaris

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net