ACL_GRANT
Section: User Commands (1)
Updated: May 2010
Index
Return to Main Contents
NAME
acl_grant - manual page for acl_grant (RSBAC 1.4.4)
DESCRIPTION
acl_grant (RSBAC 1.4.4)
***
Use: acl_grant [switches] subj_type subj_id [rights] target-type file/dirname(s)
-
-h = this help, -- = no more flags,
-
-v = verbose, -r = recurse into subdirs,
-
-p = print right names, -s = set rights, not add
-
-k = revoke rights, not add, -m remove entry (set back to inherit)
-
-b = expect rights as bitstring, -n = list valid SCD names
-
-d = numeric device specification ({b|c}major[:minor])
-
-u, -g, -l = shortcuts for USER, GROUP and ROLE
-
-t = set relative time-to-live for this trustee in seconds (add and set only)
-
-T = set absolute time-to-live for this trustee in seconds (add and set only)
-
-D = set relative time-to-live for this trustee in days (add and set only)
-
-V version = supply RSBAC integer version number for upgrading
-
-N ta = transaction number (default = value of RSBAC_TA, if set, or 0)
-
- subj_type = USER, GROUP or ROLE,
subj_id = user name or id number,
rights = list of space-separated right names (requests and ACL specials),
-
also request groups R (read requests), RW (read-write), W (write)
SY (system), SE (security), A (all)
S (ACL special rights)
and NWx with x = S R W C E A F M (similar to well-known network system)
-
target-type = FILE, DIR, FIFO, SYMLINK, DEV, IPC, SCD, USER, PROCESS, NETDEV,
-
NETTEMP_NT, NETTEMP, NETOBJ or FD
-
(FD: let acl_grant decide between FILE, DIR, FIFO and SYMLINK, no DEV),
(IPC, USER, PROCESS: only :DEFAULT:
(NETTEMP: no :DEFAULT:
- Use name :DEFAULT: for default ACL
***
Use: acl_grant [switches] subj_type subj_id [rights] target-type file/dirname(s)
-
-h = this help, -- = no more flags,
-
-v = verbose, -r = recurse into subdirs,
-
-p = print right names, -s = set rights, not add
-
-k = revoke rights, not add, -m remove entry (set back to inherit)
-
-b = expect rights as bitstring, -n = list valid SCD names
-
-d = numeric device specification ({b|c}major[:minor])
-
-u, -g, -l = shortcuts for USER, GROUP and ROLE
-
-t = set relative time-to-live for this trustee in seconds (add and set only)
-
-T = set absolute time-to-live for this trustee in seconds (add and set only)
-
-D = set relative time-to-live for this trustee in days (add and set only)
-
-V version = supply RSBAC integer version number for upgrading
-
-N ta = transaction number (default = value of RSBAC_TA, if set, or 0)
-
- subj_type = USER, GROUP or ROLE,
subj_id = user name or id number,
rights = list of space-separated right names (requests and ACL specials),
-
also request groups R (read requests), RW (read-write), W (write)
SY (system), SE (security), A (all)
S (ACL special rights)
and NWx with x = S R W C E A F M (similar to well-known network system)
-
target-type = FILE, DIR, FIFO, SYMLINK, DEV, IPC, SCD, USER, PROCESS, NETDEV,
-
NETTEMP_NT, NETTEMP, NETOBJ or FD
-
(FD: let acl_grant decide between FILE, DIR, FIFO and SYMLINK, no DEV),
(IPC, USER, PROCESS: only :DEFAULT:
(NETTEMP: no :DEFAULT:
- Use name :DEFAULT: for default ACL
Index
- NAME
-
- DESCRIPTION
-
This document was created by
man2html,
using the manual pages.
Time: 15:05:35 GMT, May 28, 2010