Last modified 12 years ago
Last modified on 08/11/09 16:59:33
Enumerations
ACE flags
The ACEFlags is a bit mask which includes the following fields:
| ACEFlags entries | Value | Description | Abbreviation |
| FILE_INHERIT | 0x00000001 | Can be placed on a directory and indicates that this ACE should be added to each new non-directory file created. | f |
| DIRECTORY_INHERIT | 0x00000002 | Can be placed on a directory and indicates that this ACE should be added to each new directory created. | d |
| INHERIT_ONLY | 0x00000008 | Can be placed on a directory but does not apply to the directory; ALLOW and DENY ACEs with this bit set do not affect access to the directory. Such ACEs only take effect once they are applied (with this bit cleared) to newly created files and directories as specified by the above two flags. | o |
Access Mask
The following access permissions are foreseen:
| Access Mask entries | Value | Description | Abbreviation |
| READ_DATA | 0x00000001 | Permission to read the data of a file | r |
| LIST_DIRECTORY | 0x00000001 | Permission to list the contents of a directory. | l |
| WRITE_DATA | 0x00000002 | Permission to modify a file’s data anywhere in the file’s offset range. This includes the ability to write to any arbitrary offset and as a result to grow the file. | w |
| ADD_FILE | 0x00000002 | Permission to add a new file in a directory. | f |
| APPEND_DATA | 0x00000004 | The ability to modify a file’s data, but only starting at EOF. | a |
| ADD_SUBDIRECTORY | 0x00000004 | Permission to create a subdirectory in a directory. | s |
| READ_NAMED_ATTRS | 0x00000008 | Permission to read the named attributes of a file or to lookup the named attributes directory. | n |
| WRITE_NAMED_ATTRS | 0x00000010 | Permission to write the named attributes of a file or to create a named attribute directory. | N |
| EXECUTE | 0x00000020 | Permission to execute a file or traverse/search a directory. | x |
| DELETE_CHILD | 0x00000040 | Permission to delete a file or directory within a directory. | D |
| READ_ATTRIBUTES | 0x00000080 | The ability to read basic attributes (non-ACLs) of a file. | t |
| WRITE_ATTRIBUTES | 0x00000100 | Permission to change the times associated with a file or directory to an arbitrary value. | T |
| DELETE | 0x00010000 | Permission to delete the file or directory. | d |
| READ_ACL | 0x00020000 | Permission to read the ACL. | c |
| WRITE_ACL | 0x00040000 | Permission to write the acl and mode attributes. | C |
| WRITE_OWNER | 0x00080000 | Permission to write the owner and owner group attributes. | o |
Who
The enumeration Who allows to identify different kind of subjects:
| Entries | Value | Description | Abbreviation |
| USER | 0x00000000 | The user identified by the virtual user ID. | USER |
| GROUP | 0x00000001 | The group identified by the virtual group ID. | GROUP |
| OWNER | 0x00000002 | The user who owns the resource. | OWNER@ |
| OWNER_GROUP | 0x00000003 | The group that owns the resource. | GROUP@ |
| EVERYONE | 0x00000004 | The world, including the owner and owning group. | EVERYONE@ |
| ANONYMOUS | 0x00000005 | Accessed without any authentication. | ANONYMOUS@ |
| AUTHENTICATED | 0x00000006 | Any authenticated user (opposite of ANONYMOUS). | AUTHENTICATED@ |
Back to Start Page ACLs with Chimera in dCache.
Back to Start Page ACLs with PNFS in dCache.
