Annotation of 43BSDReno/kerberosIV/acl/acl_files.doc, revision 1.1.1.1

1.1       root        1: PROTOTYPE ACL LIBRARY
                      2: 
                      3: Introduction
                      4:        
                      5: An access control list (ACL) is a list of principals, where each
                      6: principal is represented by a text string which cannot contain
                      7: whitespace.  The library allows application programs to refer to named
                      8: access control lists to test membership and to atomically add and
                      9: delete principals using a natural and intuitive interface.  At
                     10: present, the names of access control lists are required to be Unix
                     11: filenames, and refer to human-readable Unix files; in the future, when
                     12: a networked ACL server is implemented, the names may refer to a
                     13: different namespace specific to the ACL service.
                     14: 
                     15: 
                     16: Usage
                     17: 
                     18: cc <files> -lacl -lkrb.
                     19: 
                     20: 
                     21: 
                     22: Principal Names
                     23: 
                     24: Principal names have the form
                     25: 
                     26: <name>[.<instance>][@<realm>]
                     27: 
                     28: e.g.
                     29: 
                     30: asp
                     31: asp.root
                     32: [email protected]
                     33: [email protected]
                     34: [email protected]
                     35: 
                     36: It is possible for principals to be underspecified.  If instance is
                     37: missing, it is assumed to be "".  If realm is missing, it is assumed
                     38: to be local_realm.  The canonical form contains all of name, instance,
                     39: and realm; the acl_add and acl_delete routines will always
                     40: leave the file in that form.  Note that the canonical form of
                     41: [email protected] is actually [email protected].
                     42: 
                     43: 
                     44: Routines
                     45: 
                     46: acl_canonicalize_principal(principal, buf)
                     47: char *principal;
                     48: char *buf;     /*RETVAL*/
                     49: 
                     50: Store the canonical form of principal in buf.  Buf must contain enough
                     51: space to store a principal, given the limits on the sizes of name,
                     52: instance, and realm specified in /usr/include/krb.h.
                     53: 
                     54: acl_check(acl, principal)
                     55: char *acl;
                     56: char *principal;
                     57: 
                     58: Returns nonzero if principal appears in acl.  Returns 0 if principal
                     59: does not appear in acl, or if an error occurs.  Canonicalizes
                     60: principal before checking, and allows the ACL to contain wildcards.
                     61: 
                     62: acl_exact_match(acl, principal)
                     63: char *acl;
                     64: char *principal;
                     65: 
                     66: Like acl_check, but does no canonicalization or wildcarding.
                     67: 
                     68: acl_add(acl, principal)
                     69: char *acl;
                     70: char *principal;
                     71: 
                     72: Atomically adds principal to acl.  Returns 0 if successful, nonzero
                     73: otherwise.  It is considered a failure if principal is already in acl.
                     74: This routine will canonicalize principal, but will treat wildcards
                     75: literally.
                     76: 
                     77: acl_delete(acl, principal)
                     78: char *acl;
                     79: char *principal;
                     80: 
                     81: Atomically deletes principal from acl.  Returns 0 if successful,
                     82: nonzero otherwise.  It is considered a failure if principal is not
                     83: already in acl.  This routine will canonicalize principal, but will
                     84: treat wildcards literally.
                     85: 
                     86: acl_initialize(acl, mode)
                     87: char *acl;
                     88: int mode;
                     89: 
                     90: Initialize acl.  If acl file does not exist, creates it with mode
                     91: mode.  If acl exists, removes all members.  Returns 0 if successful,
                     92: nonzero otherwise.  WARNING: Mode argument is likely to change with
                     93: the eventual introduction of an ACL service.  
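
The canonicalization rule from "Principal Names" and the difference between an exact match and a canonicalizing check, as an added example that is not the library's own source. The names ex_canonicalize, ex_exact_match, EX_PART_MAX and the realm EXAMPLE.REALM are assumptions made for illustration; the real size limits come from krb.h, and wildcards are not modelled.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define EX_PART_MAX 40                      /* assumed per-component limit, not taken from krb.h */
#define EX_PRINC_MAX (3 * EX_PART_MAX + 3)  /* name '.' instance '@' realm NUL */

/* Canonicalize <name>[.<instance>][@<realm>] into name.instance@realm.
 * Returns 0 on success, -1 on malformed or oversized input (this example's choice). */
int ex_canonicalize(const char *p, const char *local_realm, char *buf, size_t buflen)
{
    const char *at = strchr(p, '@'), *dot = strchr(p, '.');
    const char *inst_end = at ? at : p + strlen(p);
    const char *realm = at ? at + 1 : local_realm;   /* missing realm becomes the local realm */
    const char *name_end, *inst, *c;

    for (c = p; *c; c++)                             /* principals cannot contain whitespace */
        if (isspace((unsigned char)*c)) return -1;
    if (dot && at && dot > at) dot = NULL;           /* a dot after '@' belongs to the realm */
    name_end = dot ? dot : inst_end;
    inst = dot ? dot + 1 : inst_end;                 /* missing instance becomes "" */

    if (name_end == p || *realm == '\0') return -1;  /* empty name or realm rejected here */
    if (name_end - p >= EX_PART_MAX || inst_end - inst >= EX_PART_MAX ||
        strlen(realm) >= EX_PART_MAX) return -1;
    if (snprintf(buf, buflen, "%.*s.%.*s@%s", (int)(name_end - p), p,
                 (int)(inst_end - inst), inst, realm) >= (int)buflen) return -1;
    return 0;
}

/* Plain string comparison against stored entries: no canonicalization, no wildcards. */
int ex_exact_match(const char *const *entries, size_t n, const char *principal)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (strcmp(entries[i], principal) == 0) return 1;
    return 0;
}

int main(void)
{
    const char *const acl[] = { "asp.@EXAMPLE.REALM" };  /* constructed canonical entry */
    char buf[EX_PRINC_MAX];
    if (ex_canonicalize("asp", "EXAMPLE.REALM", buf, sizeof buf) != 0) return 1;
    printf("raw match: %d, canonical match: %d (%s)\n",
           ex_exact_match(acl, 1, "asp"), ex_exact_match(acl, 1, buf), buf);
    return 0;
}
```

Because acl_add and acl_delete leave entries in canonical form, a caller that passes an underspecified principal to an exact-match routine gets a denial even when the principal is a member.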
                     94: 
                     95: 
                     96: Known problems
                     97: 
                     98: In the presence of concurrency, there is a very small chance that
                     99: acl_add or acl_delete could report success even though it would have
                    100: had no effect.  This is a necessary side effect of using lock files
                    101: for concurrency control rather than flock(2), which is not supported
                    102: by NFS.
                    103: 
                    104: The current implementation caches ACLs in memory in a hash-table
                    105: format for increased efficiency in checking membership; one effect of
                    106: the caching scheme is that one file descriptor will be kept open for
                    107: each ACL cached, up to a maximum of 8.
