dpns-setacl man page

DPNS-SETACL(1)                DPNS User Commands                DPNS-SETACL(1)

[1mNAME[0m
      dpns-setacl - set DPNS directory/file access control lists

[1mSYNOPSIS[0m
      [1mdpns-setacl [22m[[1m-d[22m] [[1m-m[22m] [[1m-s[22m] [4macl_entries[24m [4mpath[24m...

[1mDESCRIPTION[0m
      [1mdpns-setacl  [22msets the Access Control List associated with a DPNS direc-
      tory/file.

      [4macl_entries[24m is a comma separated list of entries. Each entry has  colon
      separated  fields: ACL type, id (uid or gid), permission. Only directo-
      ries can have default ACL entries.

      The entries look like:

           user::perm
           user:uid:perm
           group::perm
           group:gid:perm
           mask:perm
           other:perm
           default:user::perm
           default:user:uid:perm
           default:group::perm
           default:group:gid:perm
           default:mask:perm
           default:other:perm

      The ACL type can be abbreviated to the first letter.  The first  "user"
      entry gives the permissions granted to the owner of the file.  The fol-
      lowing "user" entries show the permissions granted to  specific  users,
      they  are  sorted  in  ascending order of uid.  The first "group" entry
      gives the permissions granted to the group owner of the file.  The fol-
      lowing "group" entries show the permissions granted to specific groups,
      they are sorted in ascending order of gid.  The  "mask"  entry  is  the
      maximum  permission  granted  to specific users or groups.  It does not
      affect the "owner" and "other" permissions.  The "mask" entry  must  be
      present  if  there  are  specific "user" or "group" entries.  "default"
      entries associated with a directory are inherited as access ACL by  the
      files  or  sub-directories  created in that directory. The [1mumask [22mis not
      used.  Sub-directories also inherit the default ACL as default ACL.  As
      soon  as there is one default ACL entry, the 3 default ACL base entries
      (default user, default group, default other) must be present.

      The entry processing conforms to the Posix 1003.1e draft standard 17.

      The effective user ID of the process must match the owner of  the  file
      or the caller must have ADMIN privilege in the Cupv database.

      [4mpath[24m   specifies  the DPNS pathname.  If [4mpath[24m does not start with [1m/[22m, it
             is prefixed by the content of the  [1mDPNS_HOME  [22menvironment  vari-
             able.

      [4muid[24m    can be given as the username or the corresponding numeric id.

      [4mgid[24m    can be given as the groupname or the corresponding numeric id.

      [4mperm[24m   can  be  expressed  as  a combination of characters [1mrwx- [22mor as a
             value between 0 and 7.

[1mOPTIONS[0m
      [1m-d     [22mremove ACL entries. The "perm" field is ignored.

      [1m-m     [22mmodify existing ACL entries or add new entries.

      [1m-s     [22mset the  ACL  entries.  The  complete  set  of  ACL  entries  is
             replaced.

[1mEXAMPLES[0m
      Let's create a directory:
           dpns-mkdir /dpm/dteam/test/file.log/d6
      and add write permission for user bcouturi:
           dpns-setacl -m u:bcouturi:rwx,m:rwx /dpm/dteam/test/file.log/d6
      Let's create a directory:
           dpns-mkdir /dpm/dteam/test/file.log/d7
      and add default ACLs to it:
           dpns-setacl -m d:u::7,d:g::7,d:o:5 /dpm/dteam/test/file.log/d7
      Let's check the resulting ACLs:
           dpns-getacl /dpm/dteam/test/file.log/d7
      # file: /dpm/dteam/test/file.log/d7
      # owner: baud
      # group: c3
      user::rwx
      group::r-x              #effective:r-x
      other::r-x
      default:user::rwx
      default:group::rwx
      default:other::r-x

      Let's create a sub-directory and check the resulting ACLs:
           dpns-mkdir /dpm/dteam/test/file.log/d7/d2
           dpns-getacl /dpm/dteam/test/file.log/d7/d2
      # file: /dpm/dteam/test/file.log/d7/d2
      # owner: baud
      # group: c3
      user::rwx
      group::rwx              #effective:rwx
      other::r-x
      default:user::rwx
      default:group::rwx
      default:other::r-x

      Let's create a file in the same directory and check the resulting ACLs:
           dpns-touch /dpm/dteam/test/file.log/d7/f2
           dpns-getacl /dpm/dteam/test/file.log/d7/f2
      # file: /dpm/dteam/test/file.log/d7/f2
      # owner: baud
      # group: c3
      user::rw-
      group::rw-              #effective:rw-
      other::r--

[1mEXIT STATUS[0m
      This  program  returns  0  if the operation was successful or >0 if the
      operation failed.

[1mSEE ALSO[0m
      [1mCastor_limits(4)[22m, [1mdpns_chmod(3)[22m, [1mdpns_chown(3)[22m, [1mCupvlist(1)[0m

[1mAUTHOR[0m
      [1mLCG Grid Deployment [22mTeam

DPNS                     $Date: 2003/08/26 06:21:13 $           DPNS-SETACL(1)