1 03/31/83 l_set_acl, lsa
2
3 Syntax: lsa path mode1 User_id1 ... modeN User_idN -control_args
4
5
6 Function: This command manipulates the access control lists ACLs of
7 ring 1 segments and multisegment files. See "Access Control" in the
8 Programmer's Reference Manual for a discussion of ACLs.
9
10
11 Arguments:
12 path
13 is the pathname of a segment, multisegment file, or directory. If
14 it is -working_directory -wd, the working directory is assumed.
15 The star convention can be used and applies to either segments and
16 multisegment files or directories, depending on the type of mode
17 specified in mode1.
18 mode1
19 is a valid access mode. For segments or multisegment files, any or
20 all of the "rew" letters; for directories, any or all of the "sma"
21 letters with the requirement that if modify is present, status must
22 also be present. Use null, "n" or "" to specify null access.
23 User_id1
24 is an access control name that must be of the form
25 Person_id.Project_id.tag. All ACL entries with matching names
26 receive the mode mode1. For a description of the matching
27 strategy see "Notes" below. If no match is found and all three
28 components are present, an entry is added to the ACL. If the last
29 mode1 has no User_id following it, the Person_id of the user and
30 current Project_id are assumed.
31
32
33 Control arguments:
34 -directory, -dr
35 specifies that only directories are affected.
36 -segment, -sm
37 specifies that only segments and multisegment files are affected.
38 This is the default.
39
40 Either control argument is used to resolve an ambiguous choice
41 between segments and directories that occurs only when mode1 is null
42 and the star convention is used in path.
43
44
45 Notes: The arguments are processed from left to right. Therefore, the
46 effect of a particular pair can be changed by a later pair of
47 arguments.
48
49 The user needs modify permission on the containing directory.
50
51 The strategy for matching an access control name argument is
52 defined by three rules:
53
54 1. A literal component, including "*", matches only a component
55 of the same name.
56
57 2. A missing component not delimited by a period is treated the
58 same as a literal "*" e.g. "*.Multics" is treated as
59 "*.Multics.*". Missing components on the left must be
60 delimited by periods.
61
62 3. A missing component delimited by a period matches any
63 component.
64
65 Some examples of User_ids and the ACL entries they match are:
66
67 *.*.* matches only the literal ACL entry "*.*.*".
68
69 Multics matches only the ACL entry "Multics.*.*". The absence
70 of a leading period makes Multics the first component.
71
72 JRSmith.. matches any ACL entry with a first component of
73 JRSmith."
74
75 .. matches any ACL entry.
76
77 . matches any ACL entry with a last component of *.
78
79 "" null string matches any ACL entry ending in ".*.*".
80
81
82 Examples:
83
84 The command line:
85
86 lsa *.pl1 rew *
87
88 adds to the ACL of every segment in the working directory that has a
89 two-component name with a second component of pl1 an entry with rew
90 mode to *.*.* everyone if that entry does not exist; otherwise, it
91 changes the mode of the *.*.* entry to rew.
92
93
94 The command line:
95
96 lsa -wd sm Jones.Faculty
97
98 adds to the ACL of the working directory an entry with sm mode for
99 Jones.Faculty.* if that entry does not exist; otherwise, it changes the
100 mode of the Jones.Faculty.* entry to sm.