| Standards / Extensions | C or C++ | Dependencies |
|---|---|---|
z/OS UNIX |
both | z/OS V1R3 |
#define _OPEN_SYS 1
#include <sys/acl.h>
int acl_get_entry (lacl_t acl_d, acl_entry_t *entry_p);Use access control lists (ACLs) in conjunction with permission bits to control access to files and directories. Currently, ACLs are supported by the HFS, TFS, and zFS file systems. You must know whether your security product supports ACLs and what rules are used when determining file access. See z/OS UNIX System Services Planning for details.
The acl_get_entry() function obtains a descriptor to the next extended ACL entry of the ACL indicated by argument acl_d. Upon successful execution, the acl_get_entry() function returns a descriptor for the extended ACL entry via entry_p. Argument acl_d must refer to a valid acl_t structure.
The first call to acl_get_entry() following a call to acl_first_entry(), acl_from_text(), acl_get_fd(), acl_get_file(), acl_set_fd(), acl_set_file(), or acl_valid() obtains the first extended ACL entry in the ACL, as ordered by the system. Subsequent calls to acl_get_entry() obtain successive extended ACL entries, until the last entry is obtained. After the last extended ACL entry has been obtained from the acl_d the value NULL is returned via entry_p.
To determine if ACL has any base ACL entries, check acl_d->lacl_base, which gives the number of base ACL entries present. Then the process can access the base ACL entries directly in the acl_d. (For example: acl_d->lacl_base_entries[0].acle_type is the type field of the first base ACL entry.)
If the function successfully obtains a pointer to the extended ACL entry, the function returns a value of one. If the last extended ACL entry in the ACL has already been returned by a previous call to acl_get_entry() or if ACL has no extended ACL entries, the function returns a value of zero.
If any of the following conditions occur, the acl_get_entry() function returns -1 and sets errno to the corresponding value: