Hi all, Does anyone know whether openx_np() et al, and the filesec_t functions on which they depend, are supposed to be undocumented? Right now, the only documented way to manipulate file ACLs is acl_get/set_*() or the not very well documented ATTR_CMN_EXTENDED_SECURITY attribute on get/setattrlist(), and the only documented way to manipulate the UUID-based ownership data is ATTR_CMN_UUID/ATTR_CMN_GRPUUID (again from get/setattrlist() et al). The odd part is that one of the pieces of sample code uses the filesec_t type and openx_np, even though there appears to be no documentation whatsoever for those functions. So: 1. Are there *supposed* to be man pages for filesec_init() et al, openx_np() et al? Are they just MIA for some reason? Is this supposed to be a documented API? (It appears to be a reasonable design, aside from the fact that chmodx_np() could do with a way to allow the caller to specify that it should set *as much* as possible and then return what it has set; setattrlist() also suffers from a similar issue.) 2. Why does the man page for getattrlist() not mention that the data returned by ATTR_CMN_EXTENDED_SECURITY is supposed to be opaque (it actually says it's a kauth_filesec struct)? Or that you can get at the ACL by using acl_copy_int_native()? i.e. that it's the expected "external representation"? I note also that various pieces of Open Source software whose sources are published on opensource.apple.com are using the filesec functions... Kind regards, Alastair. -- http://alastairs-place.net _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.app... This email sent to site_archiver@lists.apple.com