1 .\" Copyright (c) 2010 Joerg Sonnenberger
2 .\" All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 .Dt ARCHIVE_ENTRY_ACL 3
29 .Nm archive_entry_acl_add_entry ,
30 .Nm archive_entry_acl_add_entry_w ,
31 .Nm archive_entry_acl_clear ,
32 .Nm archive_entry_acl_count ,
33 .Nm archive_entry_acl_next ,
34 .Nm archive_entry_acl_next_w ,
35 .Nm archive_entry_acl_reset ,
36 .Nm archive_entry_acl_text_w
37 .Nd functions for manipulating Access Control Lists in archive entry descriptions
41 .Fo archive_entry_acl_add_entry
42 .Fa "struct archive_entry *a"
47 .Fa "const char *name"
50 .Fo archive_entry_acl_add_entry_w
51 .Fa "struct archive_entry *a"
56 .Fa "const wchar_t *name"
59 .Fn archive_entry_acl_clear "struct archive_entry *a"
61 .Fn archive_entry_acl_count "struct archive_entry *a" "int type"
63 .Fo archive_entry_acl_next
64 .Fa "struct archive_entry *a"
67 .Fa "int *ret_permset"
70 .Fa "const char **ret_name"
73 .Fo archive_entry_acl_next_w
74 .Fa "struct archive_entry *a"
77 .Fa "int *ret_permset"
80 .Fa "const wchar_t **ret_name"
83 .Fn archive_entry_acl_reset "struct archive_entry *a" "int type"
85 .Fn archive_entry_acl_text_w "struct archive_entry *a" "int flags"
89 .Dq Access Control List
90 is a generalisation of the classic Unix permission system.
93 is derived from the POSIX.1e draft, but restricted to simplify dealing
94 with practical implementations in various Operating Systems and archive formats.
96 An ACL consists of a number of independent entries.
97 Each entry specifies the permission set as bitmask of basic permissions.
98 Valid permissions are:
99 .Bl -tag -offset indent -compact -width "ARCHIVE_ENTRY_ACL_EXECUTE"
100 .It Dv ARCHIVE_ENTRY_ACL_EXECUTE
101 .It Dv ARCHIVE_ENTRY_ACL_WRITE
102 .It Dv ARCHIVE_ENTRY_ACL_READ
104 The permissions correspond to the normal Unix permissions.
106 The tag specifies the principal to which the permission applies.
108 .Bl -tag -offset indent -compact -width "ARCHIVE_ENTRY_ACL_GROUP_OBJ"
109 .It Dv ARCHIVE_ENTRY_ACL_USER
110 The user specified by the name field.
111 .It Dv ARCHIVE_ENTRY_ACL_USER_OBJ
112 The owner of the file.
113 .It Dv ARCHIVE_ENTRY_ACL_GROUP
114 The group specied by the name field.
115 .It Dv ARCHIVE_ENTRY_ACL_GROUP_OBJ
116 The group who owns the file.
117 .It Dv ARCHIVE_ENTRY_ACL_MASK
118 The maximum permissions to be obtained via group permissions.
119 .It Dv ARCHIVE_ENTRY_ACL_OTHER
120 Any principal who doesn't have a user or group entry.
123 .Dv ARCHIVE_ENTRY_ACL_USER_OBJ ,
124 .Dv ARCHIVE_ENTRY_ACL_GROUP_OBJ
126 .Dv ARCHIVE_ENTRY_ACL_OTHER
127 are equivalent to user, group and other in the classic Unix permission
128 model and specify non-extended ACL entries.
130 All files have an access ACL
131 .Pq Dv ARCHIVE_ENTRY_ACL_TYPE_ACCESS .
132 This specifies the permissions required for access to the file itself.
133 Directories have an additional ACL
134 .Pq Dv ARCHIVE_ENTRY_ACL_TYPE_DEFAULT ,
135 which controls the initial access ACL for newly created directory entries.
137 .Fn archive_entry_acl_add_entry
139 .Fn archive_entry_acl_add_entry_w
140 add a single ACL entry.
141 For the access ACL and non-extended principals, the classic Unix permissions
144 .Fn archive_entry_acl_clear
145 removes all ACL entries and resets the enumeration pointer.
147 .Fn archive_entry_acl_count
148 counts the ACL entries that have the given type mask.
150 can be the bitwise-or of
151 .Dv ARCHIVE_ENTRY_ACL_TYPE_ACCESS
153 .Dv ARCHIVE_ENTRY_ACL_TYPE_DEFAULT .
155 .Dv ARCHIVE_ENTRY_ACL_TYPE_ACCESS
156 is included and at least one extended ACL entry is found,
157 the three non-extened ACLs are added.
159 .Fn archive_entry_acl_next
161 .Fn archive_entry_acl_next_w
162 return the next entry of the ACL list.
163 This functions may only be called after
164 .Fn archive_entry_acl_reset
165 has indicated the presence of extended ACL entries.
167 .Fn archive_entry_acl_reset
168 prepare reading the list of ACL entries with
169 .Fn archive_entry_acl_next
171 .Fn archive_entry_acl_next_w .
172 The function returns either 0, if no non-extended ACLs are found.
173 In this case, the access permissions should be obtained by
174 .Xr archive_entry_mode 3
177 Otherwise, the function returns the same value as
178 .Fn archive_entry_acl_count .
180 .Fn archive_entry_acl_text_w
181 converts the ACL entries for the given type mask into a wide string.
182 In addition to the normal type flags,
183 .Dv ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID
185 .Dv ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT
186 can be specified to further customize the result.
187 The returned long string is valid until the next call to
188 .Fn archive_entry_acl_clear ,
189 .Fn archive_entry_acl_add_entry ,
190 .Fn archive_entry_acl_add_entry_w
192 .Fn archive_entry_acl_text_w .
194 .Fn archive_entry_acl_count
196 .Fn archive_entry_acl_reset
197 returns the number of ACL entries that match the given type mask.
198 If the type mask includes
199 .Dv ARCHIVE_ENTRY_ACL_TYPE_ACCESS
200 and at least one extended ACL entry exists, the three classic Unix
201 permissions are counted.
203 .Fn archive_entry_acl_next
205 .Fn archive_entry_acl_next_w
210 if no more ACL entries exist
214 .Fn archive_entry_acl_reset
215 has not been called first.
217 .Fn archive_entry_text_w
218 returns a wide string representation of the ACL entrise matching the
220 The returned long string is valid until the next call to
221 .Fn archive_entry_acl_clear ,
222 .Fn archive_entry_acl_add_entry ,
223 .Fn archive_entry_acl_add_entry_w
225 .Fn archive_entry_acl_text_w .
230 .Dv ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID
232 .Dv ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT