'\" te
.\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved.
.TH acl_check 3SEC "22 Apr 2008" "SunOS 5.11" "File Access Control Library Functions"
.SH NAME
acl_check \- check the validity of an ACL
.SH SYNOPSIS
.LP
.nf
cc [ \fIflag\fR\&.\|.\|. ] \fIfile\fR\&.\|.\|. \fB-lsec\fR [ \fIlibrary\fR\&.\|.\|. ] 
#include <sys/acl.h>

\fBint\fR \fBacl_check\fR(\fBacl_t *\fR\fIaclp\fR, \fBint\fR \fIisdir\fR);
.fi

.SH DESCRIPTION
.sp
.LP
The \fBacl_check()\fR function checks the validity of an ACL pointed to by \fIaclp\fR. The \fIisdir\fR argument checks the validity of an ACL that will be applied to a directory. The ACL can be either a POSIX draft ACL as supported by UFS or NFSv4 ACL as supported by ZFS or NFSV4.
.sp
.LP
When the function verifies a POSIX draft ACL, the rules followed are described in \fBaclcheck\fR(3SEC). For NFSv4 ACL, the ACL is verified against the following rules:
.RS +4
.TP
.ie t \(bu
.el o
The inheritance flags are valid.
.RE
.RS +4
.TP
.ie t \(bu
.el o
The ACL must have at least one ACL entry and no more than {\fBMAX_ACL_ENTRIES\fR}.
.RE
.RS +4
.TP
.ie t \(bu
.el o
The permission field contains only supported permissions.
.RE
.RS +4
.TP
.ie t \(bu
.el o
The entry type is valid.
.RE
.RS +4
.TP
.ie t \(bu
.el o
The flag fields contain only valid flags as supported by NFSv4/ZFS.
.RE
.sp
.LP
If any of the above rules are violated, the function fails with \fBerrno\fR set to \fBEINVAL\fR.
.SH RETURN VALUES
.sp
.LP
If the ACL is valid, \fBacl_check()\fR returns 0. Otherwise \fBerrno\fR is set to \fBEINVAL\fR and the return value is set to one of the following:
.sp
.ne 2
.mk
.na
\fB\fBEACL_INHERIT_ERROR\fR\fR
.ad
.RS 23n
.rt  
There are invalid inheritance flags specified.
.RE

.sp
.ne 2
.mk
.na
\fB\fBEACL_FLAGS_ERROR\fR\fR
.ad
.RS 23n
.rt  
There are invalid flags specified on the ACL that don't map to supported flags in NFSV4/ZFS ACL model.
.RE

.sp
.ne 2
.mk
.na
\fB\fBEACL_ENTRY_ERROR\fR\fR
.ad
.RS 23n
.rt  
The ACL contains an unknown value in the type field.
.RE

.sp
.ne 2
.mk
.na
\fB\fBEACL_MEM_ERROR\fR\fR
.ad
.RS 23n
.rt  
The system cannot allocate any memory.
.RE

.sp
.ne 2
.mk
.na
\fB\fBEACL_INHERIT_NOTDIR\fR\fR
.ad
.RS 23n
.rt  
Inheritance flags are only allowed for ACLs on directories.
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp

.sp
.TS
tab() box;
cw(2.75i) |cw(2.75i) 
lw(2.75i) |lw(2.75i) 
.
ATTRIBUTE TYPEATTRIBUTE VALUE
_
Interface StabilityCommitted
_
MT-LevelMT-Safe
.TE

.SH SEE ALSO
.sp
.LP
\fBacl\fR(2), \fBaclcheck\fR(3SEC), \fBaclsort\fR(3SEC), \fBacl\fR(5), \fBattributes\fR(5)