AFS::ACL(3pm)
NAME
AFS::ACL - Class to handle the AFS Access Control Lists
SYNOPSIS
use AFS::ACL;
my $acl = AFS::ACL->new({'foobar' => 'none'}, {'anyuser' => 'write'});
$acl->set('rjs' => 'write');
$acl->nset('opusl' => 'write');
$acl->remove('rjsnfs' => 'write');
$acl->clear;
foreach my $user ($acl->get_users) {
print " $user ", $acl->get_rights($user), "\n";
}
foreach my $user ($acl->nget_users) {
print " $user ", $acl->nget_rights($user), "\n";
}
my $ok = $acl->apply('/afs/mpa/home/guest');
my $copy = $acl->copy;
my $rights = AFS::ACL->crights('read');
my $new_acl = AFS::ACL->retrieve('/afs/mpa/home/nog');
$ok = $new_acl->modifyacl('/afs/mpa/home/guest');
DESCRIPTION
This class provides methods to handle the AFS Access Control Lists
(ACL). It is used to create, modify, delete, and reset ACL instances.
It has methods to retrieve and to set the ACL list for directories and
its files.
These methods have the optional argument FOLLOW. FOLLOW determines
which file should be used should PATH be a symbolic link. If FOLLOW be
set to 1, then the symbolic link is followed to its target. If FOLLOW
is set to 0, then the method applies to the symbolic link itself. If
not specified FOLLOW defaults to 1.
COMPATIBILITY
This release does NOT support any features and interfaces from version
1.
METHODS
CONSTRUCTOR
- $acl = AFS::ACL->new([\%POS [, \%NEG]]);
- Creates a new object of the class AFS::ACL. The constructor takes
two optional arguments. %POS and %NEG are lists of positive and
negative ACL entries given in the form of user-rights pairs, just
like a hash table. - COPY CONSTRUCTOR
- $new_acl = $$aaccll->copy;
- Returns a copy of an existing ACL object.
- CLASS METHODS
- $acl = AFS::ACL->retrieve(PATH [, FOLLOW]);
- Retrieves the ACL list for the given PATH and stores it in the
object $acl. - $ok = AFS::ACL->copyacl(FROMDIR, TODIR [, FOLLOW]);
- Copies the ACL list from a source directory FROMDIR to the
specified destination directory TODIR. The source directory''s ACL is unchanged. - $ok = AFS::ACL->cleanacl(PATH [, FOLLOW]);
- Removes from the ACL list of the specified PATH any entry that
refers to a user or group that no longer has a Protection Database entry. - $crights = AFS::ACL->crights(RIGHTS);
- Canonicalizes the RIGHTS string. Duplicate rights will be removed.
It recognizes the following special strings:
read => rl
write => rlidwk
all => rlidwka
mail => lik - $flags = AFS::ACL->ascii2rights(RIGHTS);
Converts RIGHTS as expressed in a character string to its internal value (an integer with the appropriate bits set). Returns -1 if
RIGHTS are not valid (rlidwka, read, write, all, none) or returns
the internal value (int32 with bits set). - $rights = AFS::ACL->rights2ascii(FLAGS);
Converts the internal value FLAGS to its corresponding character
string. - ATTRIBUTES ACCESS
- $rights = $$aaccll->get_rights(USER);
$nrights = $$aaccll->nget_rights(USER);Returns the access rights for the given USER in the
positive(->get_rights) or negative(->nget_rights) ACL list. - $acl->set(USER, RIGHTS);
$acl->nset(USER, RIGHTS);Adds the given USER and its access RIGHTS to the positive(->set) or negative(->nset) ACL list. - $acl->remove(USER);
$acl->nremove(USER);Removes the given USER and its access rights from the
positive(->remove) or negative(->nremove) ACL list. - $acl->empty;
Removes all users and their access rights from the positive and
negative ACL list. - $acl->clear;
$acl->nclear;Removes all users and their access rights from the
positive(->clear) or negative(->nclear) ACL list. - @users = $$aaccll->get_users;
@nusers = $$aaccll->nget_users;Returns users from the positive(->get_users) or
negative(->nget_users) ACL list. - $pos = $$aaccll->length;
$npos = $$aaccll->nlength;Returns the number of users in the positive(->length) or
negative(->nlength) ACL list. - $acl->exists(USER);
$acl->nexists(USER);Returns 1 if the given USER exists in the positive(->exists) or
negative(->nexists) ACL list. - INSTANCE METHODS
- $acl->add(NEWACL);
Adds all entries of the ACL list NEWACL to the ACL list $acl.
- $ok = $$aaccll->apply(PATH [, FOLLOW]);
Sets the ACL list for the given PATH. This call replaces the
existing ACL list with the new ACL list $acl. - $ok = $$aaccll->modifyacl(PATH, [, FOLLOW]);
Sets the ACL to the union of the given $acl list and the current
ACL of the PATH. An access right of none or an empty string will cause an entry to be removed from the ACL.
CURRENT AUTHOR
- Norbert E. Gruener <nog@MPA-Garching.MPG.de>..SH "AUTHOR EMERITUS"
Roland Schemers <schemers@slapshot.stanford.edu>..SH "COPYRIGHT AND
DISCLAIMER" - X 2001-2008 Norbert E. Gruener <nog@MPA-Garching.MPG.de>.
All rights reserved. - X 1994 Board of Trustees, Leland Stanford Jr. University.
All rights reserved. - Most of the explanations in this document are taken from the original AFS documentation.
- AFS-3 Programmer's Reference:
File Server/Cache Manager Interface
Edward R. Zayas
X 1991 Transarc Corporation.
All rights reserved. - IBM AFS Administration Reference
X IBM Corporation 2000.
All rights reserved. - This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
- The original module is covered by the following copyright:
- Copyright (c) 1994 Board of Trustees, Leland Stanford Jr.
University - Redistribution and use in source and binary forms are permitted
provided that the above copyright notice and this paragraph are
duplicated in all such forms and that any documentation,
advertising materials, and other materials related to such
distribution and use acknowledge that the software was developed by Stanford University. The name of the University may not be
used to endorse or promote products derived from this software
without specific prior written permission. THIS SOFTWARE IS
PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
DOCUMENT VERSION
- Revision $Rev: 859 $