NAME

VOP_ACLCHECK —

check an access control list for a vnode

SYNOPSIS

#include <sys/param.h>
#include <sys/vnode.h>
#include <sys/acl.h>

int
VOP_ACLCHECK(struct vnode *vp, acl_type_t type, struct acl *aclp, struct ucred *cred, struct thread *td);

DESCRIPTION

This vnode call may be used to determine the validity of a particular access control list (ACL) for a particular file or directory.

Its arguments are:

vp: The vnode of the file or directory.
type: The type of ACL to check.
aclp: A pointer to an ACL structure from which to retrieve the ACL data.
cred: The user credentials to use in authorizing the request.
td: The thread checking the ACL.

The cred pointer may be NULL to indicate that access control checks are not to be performed, if possible. This cred setting might be used to allow the kernel to authorize ACL verification that the active process might not be permitted to do.

The vnode ACL interface defines the syntax, and not semantics, of file and directory ACL interfaces. More information about ACL management in kernel may be found in acl(9).

LOCKS

No locks are required to call this vnode method, and any locks held on entry will be held on exit.

RETURN VALUES

If the aclp pointer points to a valid ACL of type type for the object vp, then zero is returned. Otherwise, an appropriate error code is returned.

ERRORS

[EINVAL]: The ACL type passed is invalid for this vnode, or the ACL data is invalid.
[EACCES]: The file or directory ACL does not permit access.
[ENOMEM]: Sufficient memory is not available to fulfill the request.
[EOPNOTSUPP]: The file system does not support VOP_ACLCHECK().

AUTHORS

This manual page was written by Robert Watson.