PreviousNext

sec_acl_replace(3sec)

Replaces an ACL

Synopsis

#include <dce/daclif.h>

void sec_acl_replace(
sec_acl_handle_t h,
uuid_t *
manager_type,
sec_acl_type_t
sec_acl_type,
sec_acl_list_t *
sec_acl_list,
error_status_t *
status);

Parameters

Input

h
A handle referring to the target object. Use sec_acl_bind( ) to create this handle.

manager_type
A pointer to the UUID identifying the type of the ACL manager in question. There may be more than one type of ACL manager protecting the object whose ACL is bound to the input handle. Use this parameter to distinguish them. Use sec_acl_get_manager_types( ) to acquire a list of the manager types protecting a given object.

sec_acl_type
The ACL type. The sec_acl_type_t data type distinguishes the various types of ACLs an object can possess for a given manager type. The possible values are as follows:

· sec_acl_type_object

· sec_acl_type_default_object

· sec_acl_type_default_container

sec_acl_list
The new ACL to use for the target object. This is represented by a pointer to the sec_acl_list_t structure containing the complete Access Control List. An ACL contains a list of ACL entries, the UUID of the default cell where authentication will take place (foreign entries in the ACL contain the name of their parent cell), and the UUID of the ACL manager to interpret the list.

Output

status
A pointer to the completion status. On successful completion, the routine returns error_status_ok. Otherwise, it returns an error.

Description
The sec_acl_replace( ) routine replaces the ACL indicated by the input handle with the information in the sec_acl_list parameter. ACLs are thought of as immutable, and in order to modify them, an editing application must read an entire ACL (using the sec_acl_lookup( ) routine), modify it as needed, and replace it using this routine.

Permissions Required
The sec_acl_replace( ) routine requires the c (control) permission on the object for which the ACL is to be replaced.

Files

/usr/include/dce/daclif.idl
The idl file from which dce/daclif.h was derived.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

sec_acl_unknown_manager_type
The manager type selected is not an available option.

error_status_ok
The call was successful.

Related Information
Functions:

sec_intro(3sec)

sec_acl_bind(3sec)

sec_acl_lookup(3sec)