PreviousNext

rdacl_get_access(3sec)

Reads a privilege attribute certificate

Synopsis

#include <dce/rdaclif.h>

void rdacl_get_access(
handle_t h,
sec_acl_component_name_t component_name,
uuid_t *manager_type,
sec_acl_permset_t *net_rights,
error_status_t *status);

Parameters

Input

h
A handle referring to the object whose ACL is to be accessed.

component_name
A character string containing the name of the target object.

manager_type
A pointer to the UUID identifying the type of the ACL manager in question. There may be more than one type of ACL manager protecting the object whose ACL is bound to the input handle. Use this parameter to distinguish them. Use sec_acl_get_manager_types( ) to acquire a list of the manager types protecting a given object.

Output

net_rights
The output list of access rights, in sec_acl_permset_t form. This is a 32-bit set of permission flags supported by the manager type.

status
A pointer to the completion status. On successful completion, the routine returns error_status_ok. Otherwise, it returns an error.

Description
The rdacl_get_access( ) routine determines the complete extent of access to the specified object by the calling process. Although the rdacl_test_access( ) routines are the preferred method of testing access, this routine is useful for implementing operations like the conventional UNIX access function.

Notes
This call is not intended to be used by application programs. The sec_acl Application Programming Interface (API) provides all the functionality necessary to use the ACL facility. This reference page is provided for programmers who wish to write an ACL manager. In order to write an ACL manager, a programmer must implement the entire rdacl interface.

This network interface is called on the client side via the sec_acl local interface. Developers are responsible for implementing the server side of this interface. Test server code is included as a sample implementation.

Files

/usr/include/dce/rdaclif.idl
The idl file from which dce/rdaclif.h was derived.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

sec_acl_invalid_manager_type
The manager type is not valid.

sec_acl_invalid_acl_type
The ACL type is not valid.

sec_acl_not_authorized
The requested operation is not allowed.

sec_acl_object_not_found
The requested object could not be found.

error_status_ok
The call was successful.

Related Information
Functions:

sec_intro(3sec)

rdacl_test_access(3sec)