Manpages - acl_extended_fd.3

Linux Access Control Lists library (libacl, -lacl).

The

function returns

if the file identified by the argument

is associated with an extended access ACL. The function returns

if the file does not have an extended access ACL.

An extended ACL is an ACL that contains entries other than the three required entries of tag types ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER. If the result of the

function for a file object is

then the ACL defines no discretionary access rights other than those already defined by the traditional file permission bits.

Access to the file object may be further restricted by other mechanisms, such as Mandatory Access Control schemes. The

system call can be used to check whether a given type of access to a file object would be granted.

If successful, the

function returns

if the file object identified by

has an extended access ACL, and

if the file object identified by

does not have an extended access ACL. Otherwise, the value

is returned and the global variable

is set to indicate the error.

If any of the following conditions occur, the

function returns

and sets

to the corresponding value:

The

argument is not a valid file descriptor.

The file system on which the file identified by

is located does not support ACLs, or ACLs are disabled.

This is a non-portable, Linux specific extension to the ACL manipulation functions defined in IEEE Std 1003.1e draft 17 (“POSIX.1e”, abandoned).

Written by