documentation/subsystem/dfast/set_acl

 1 03/11/76   set_acl, sa
 2 
 3 Function:  The set_acl command manipulates the access control lists
 4 (ACLs) of files.  (See "Access Control" in Section III of the
 5 M^H__^Hu_^Hl_^Ht_^Hi_^Hc_^Hs D^H_F^H_A^H_S^H_T^H_ S^H__^Hu_^Hb_^Hs_^Hy_^Hs_^Ht_^He_^Hm U^H__^Hs_^He_^Hr_^Hs'^H_ G^H__^Hu_^Hi_^Hd_^He (Order No. AT59)).
 6 
 7 
 8 
 9 Syntax:  set_acl file_name mode1 {User_id1 ... modeN User_idN}
10 
11 
12 where:
13 
14 1.   file_name           is the file whose ACL is to be affected.  The
15                          star convention can be used.
16 
17 2.   modei               is a valid access mode.  This can be any or
18                          all of the letters rew.  Use null, "n" or ""
19                          to specify null access.
20 
21 3.   User_idi            is an access control name that must be of the
22                          form Person_id.Project_id.tag.  All ACL
23                          entries with matching names receive the mode
24                          modei.  (For a description of the matching
25                          strategy, see "Notes" below.)  If no match is
26                          found and all three components are present, an
27                          entry is added to the ACL.  If the last modei
28                          has no User_id following it, the user's
29                          Person_id and current Project_id are assumed.
30 
31 
32 Note:
33 
34 The arguments are processed from left to right.  Therefore, the effect
35 of a particular pair of arguments can be changed by a later pair of
36 arguments.
37 
38 
39 The matching of access control name arguments is defined by three
40 rules:
41 
42 
43       1.  A literal component, including "*", matches only a component
44           of the same name.
45 
46       2.  A missing component not delimited by a period is treated the
47           same as a literal "*" (e.g., "*.Multics" is treated as
48           "*.Multics.*").  Missing components on the left must be
49           delimited by periods.
50 
51       3.  A missing component delimited by a period matches any
52           component.
53 
54 Some examples of User_ids and which ACL entries they match are:
55 
56 
57           *.*.*     matches only the literal ACL entry "*.*.*".
58 
59           Multics   matches only the ACL entry "Multics.*.*". (The
60                     absence of a leading period makes Multics the first
61                     component.)
62 
63           JRSmith.. matches any ACL entry with a first component of
64           JRSmith.
65 
66           ..        matches any ACL entry.
67 
68           .         matches any ACL entry with a last component of *.
69 
70           ""        (null string) matches any ACL entry ending in
71           ".*.*".
72 
73 
74 Examples:
75 
76 !    set_acl *.basic rew *
77 
78 
79 adds to the ACL of every file in the home directory that has a
80 two-component name with a second component of basic an entry with mode
81 rew to *.*.* (everyone) if that entry does not exist; otherwise it
82 changes the mode of the *.*.* entry to rew.
83 
84 
85 !    sa alpha.basic rew .Faculty. r Jones.Faculty.
86 
87 
88 changes the mode of every entry on the ACL of alpha.basic with a middle
89 component of Faculty to rew, then changes the mode of every entry that
90 starts with Jones.Faculty to r.