From owner-freebsd-current Fri Nov 8 6:47:52 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 291C437B401 for ; Fri, 8 Nov 2002 06:47:50 -0800 (PST) Received: from svr-ganmtc-appserv-mgmt.ncf.coxexpress.com (svr-ganmtc-appserv-mgmt.ncf.coxexpress.com [24.136.46.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id F2C2443EB7 for ; Fri, 8 Nov 2002 06:47:45 -0800 (PST) (envelope-from jedgar@www.fxp.org) Received: from darkstar.doublethink.cx (cpe-oca-24-136-59-202-cmcpe.ncf.coxexpress.com [24.136.59.202]) by svr-ganmtc-appserv-mgmt.ncf.coxexpress.com (8.11.4/8.11.4) with ESMTP id gA8Eliu19100; Fri, 8 Nov 2002 09:47:44 -0500 Received: by darkstar.doublethink.cx (Postfix, from userid 1000) id 59906280; Fri, 8 Nov 2002 09:47:39 -0500 (EST) Date: Fri, 8 Nov 2002 09:47:39 -0500 From: Chris Faulhaber To: kai ouyang Cc: Current@FreeBSD.org Subject: Re: a queston about ACL acl_type_t Message-ID: <20021108144739.GA1647@darkstar.doublethink.cx> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="zhXaljGHf11kAtnf" Content-Disposition: inline In-Reply-To: X-Mailer: socket() Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --zhXaljGHf11kAtnf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 08, 2002 at 11:17:39AM +0800, kai ouyang wrote: > Hi, > I am trying to understand the ACL implementation in FreeBSD-Current. I= =20 > have a question about ACL. > in "acl.h", there are some acl_type_t value macro: > /* > * Possible valid values for acl_type_t arguments. > */ > #define ACL_TYPE_ACCESS 0x00000000 > #define ACL_TYPE_DEFAULT 0x00000001 > #define ACL_TYPE_AFS 0x00000002 > #define ACL_TYPE_CODA 0x00000003 > #define ACL_TYPE_NTFS 0x00000004 > #define ACL_TYPE_NWFS 0x00000005 >=20 > But I am not sure what's means. See the POSIX.1e draft[1] for detailed explanations. Basically we support access ACL's on files and directories allowing discretionary access control and default ACL's on directories which determine the default access ACL's on any files and directories created below it. > in the 'setfacl' source, I found the usage: > If we want to control a directory, > acl[ACL_TYPE_DEFAULT] =3D acl_get_file(filename, ACL_TYPE_DEFAULT); > if we want to sontrol a file, > acl[DEFAULT_ACL] =3D NULL; > Why? > What's the difference among those macros? > Why must a directory object reserve two acl_t_structs, and a file only ne= ed=20 > one? >=20 Because directories may have both default and access ACL's whereas files may only have access ACL's. [1] http://wt.xpilot.org/publications/posix.1e/ --=20 Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org --zhXaljGHf11kAtnf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) Comment: FreeBSD: The Power To Serve iD8DBQE9y86LObaG4P6BelARAsUwAJ9XM5ZH91MLP5tsq01H4aq+zNvVfQCdHqK1 jB6fb1jxzcZ8VWXL/+gYdS0= =WiuE -----END PGP SIGNATURE----- --zhXaljGHf11kAtnf-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message