 |
Index for Section 8 |
|
 |
Alphabetical listing for A |
|
 |
Bottom of page |
|
acladm(8)
NAME
acladm - Creates, moves, checks, synchronizes, and removes access control
list (ACL) information.
SYNOPSIS
/usr/sbin/acladm [-C | -E | -N | -O | [-P | -S | -T | -U] | -R] [-y
| -n | -f | -p] [-v]
/usr/sbin/acladm [-M] [-i filename] [-v] from_directory to_directory
OPTIONS
-C Checks and repairs the ACL data store. This option asks for
confirmation before making repairs unless the -y option is used, in
which case repairs are automatically made.
-E Enumerates all objects that have ACLs assigned to them.
-N Creates a new ACL data store if one does not already exist.
-O Reinitializes the default ACLs for standard objects. This option does
not affect user-created ACLs.
-P Synchronizes the ACL information with the physical data on the UNIX
file system. This option removes any ACLs for objects (such as files)
that no longer are present on the system. This option asks for
confirmation to synchronize ACLs unless the -y option is used, in which
case every ACL is automatically synchronized.
-S Removes redundant access control entries (ACEs) from ACLs.
-T Trims redundant ACLs from the ACL store. This option enumerates all the
ACLs and computes what the inherited ACL would be for each one. This
option asks for confirmation to remove redundant ACLs unless the -y
option is used, in which case redundant ACLs are automatically removed.
-U Removes ACEs of deleted or unknown users from ACLs.
-R Removes an ACL data store. This option asks for confirmation unless
the -y option is used, in which case the ACL store is automatically
removed.
-M Moves ACLs from one UNIX directory path to another. If an ACL exists in
the to_directory path, it is silently overwritten by the ACL in the
from_directory path. An example of when to use this option is to
restore a directory from a backup to a new directory path.
-i filename
When used with the -M option, restores ACLs from a backup copy of an
ACL store specified by filename. You do not need to stop the ASU server
to restore ACLs from backup.
If the to_directory path is not specified, it defaults to the same
value as the from_directory path. This option is useful for restoring
the ACLs of a directory that has been restored from backup.
-y When used with the -C, -P, -R, or -T option, changes are made without
prompting the user for confirmation.
-n When used with the -C, -P, or -T option, no changes are made to the ACL
store. The object name of each ACL entry that needs to change is
displayed with the action (fix or delete) that will be applied when the
-n option is not used.
-f Only valid when used with the -C option. Corrupt entries are fixed in
the ACL data store. No corrupt entries are deleted. User is not
prompted, each ACL entry that can be fixed is fixed automatically.
-p Only valid when used with the -C option on a member server. This option
is intended to be used when upgrading a member server. Fixes corrupt
entries in the ACL, migrates access control entries of the operators
groups to the power users group, and replaces operators access control
ACL entries with power user access control.
-v Displays detailed output of the acladm activity that you have
requested.
OPERANDS
from_directory
Specifies the directory from which the ACLs will be moved.
to_directory
Specifies the directory to which the ACLs will be moved.
DESCRIPTION
The acladm command creates, checks, prunes (synchronizes) or removes access
control list data. Creation of a new ACL data store will fail if it already
exists. The check (-C) option traverses through the ACL data store to
determine if there are any inconsistencies.
The prune option synchronizes the access control list information with the
physical data on the UNIX file system. Access control list information can
get out of sync when files are deleted using UNIX system commands.
You must be logged in as root to use the acladm command.
EXAMPLES
To check access control list information, enter the following command:
# acladm -C
Follow these steps to restore a file and its corresponding ASU ACLs:
1. Restore the file from backup.
2. Restore the /usr/net/servers/lanman/datafiles/acl file from the same
date to a different filename, for example may10.acl.
3. Enter the following command to restore the ACLs from backup:
# acladm -M -i may10.acl -v /path/filename
 |
Index for Section 8 |
|
 |
Alphabetical listing for A |
|
 |
Top of page |
|