RE: ACL API ( acl_copy_ext) and ( acl_copy_int) not available for application!!!
RE: ACL API ( acl_copy_ext) and ( acl_copy_int) not available for application!!!
- Subject: RE: ACL API ( acl_copy_ext) and ( acl_copy_int) not available for application!!!
- From: "Singh, Gangadhar S (BIO)" <email@hidden>
- Date: Wed, 22 Apr 2009 11:03:55 +0000
- Acceptlanguage: en-US
- Thread-topic: ACL API ( acl_copy_ext) and ( acl_copy_int) not available for application!!!
Hi,
Thanks for the reply..
In Linux, we were using these APIs for processing the data between user managed space and kernel space. Similar requirement has come up for Mac OS X.
So User Application cannot use this APIs since it is not available in the man pages right?
Which are the appropriate APIs that can be used for exchanging the ACL data between kernel and user space.
Regards
Gangadhar
-----Original Message-----
From: Terry Lambert [mailto:email@hidden]
Sent: Wednesday, April 22, 2009 4:16 PM
To: Singh, Gangadhar S (BIO)
Cc: email@hidden
Subject: Re: ACL API ( acl_copy_ext) and ( acl_copy_int) not available for application!!!
On Apr 21, 2009, at 10:54 PM, Singh, Gangadhar S (BIO) wrote:
> Hi,
>
> In Linux, we have acl_copy_ext() and acl_copy_int() used for managing
> the data exchange between system-managed space and user managed space.
> The above APIs are not documented in the man pages of Mac OS X 10.4
> but are available in its libc library.
>
> Will Apple document these APIs for other application to use or not?
You mean will Apple republish the POSIX 1003.1e draft standard on which most ACL implementations are based, and which shows up as the first Google hit when searching for the phrase
posix 1003.1e draft standard ACL
Probably not; the published documentation in the draft standard is pretty sufficient.
You should note that the format of the first argument to
acl_copy_ext() and the only argument to acl_copy_int() is a
contiguous, persistent data item, the format of which is unspecified.
It is intentionally unspecified, since it contains data for which no reasonable APIs could be created, and maintain coherence between the data contained there and the active credential data associated with the POSIX credentials on a file system object to which an ACL has been attached, at the time of a file create or ownership modification request happens.
Basically, you are intended to use read/modify/write semantics so as to not cause these values to become disjoint, so there really isn't any valid reason for the internals to be documented. I was actually unable to find actual usage of these functions not internal to ACL implementations themselves in a brief google search on the subject.
-- Terry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden