VOP_ACLCHECK(9)

NAME

     VOP_ACLCHECK -- check an access control list for a vnode

SYNOPSIS

     #include <sys/param.h>
     #include <sys/vnode.h>
     #include <sys/acl.h>

     int
     VOP_ACLCHECK(struct vnode *vp, acl_type_t type, struct acl *aclp,
	 struct ucred *cred, struct thread *td);

DESCRIPTION

     This vnode call may be used to determine the validity of a particular
     access control list (ACL) for a particular file or directory.

     Its arguments are:

     vp    the vnode of the file or directory

     type  the type of ACL to check

     aclp  a pointer to an ACL structure from which to retrieve the ACL data

     cred  the user credentials to use in authorizing the request

     td    the thread checking the ACL

     The cred pointer may be NULL to indicate that access control checks are
     not to be performed, if possible.	This cred setting might be used to
     allow the kernel to authorize ACL verification that the active process
     might not be permitted to do.

     The vnode ACL interface defines the syntax, and not semantics, of file
     and directory ACL interfaces.  More information about ACL management in
     kernel may be found in acl(9).

LOCKS

     No locks are required to call this vnode method, and any locks held on
     entry will be held on exit.

RETURN VALUES

     If the aclp pointer points to a valid ACL of type type for the object vp,
     then zero is returned.  Otherwise, an appropriate error code is returned.

ERRORS

     [EINVAL]		The ACL type passed is invalid for this vnode, or the
			ACL data is invalid.

     [EACCES]		The file or directory ACL does not permit access.

     [ENOMEM]		Sufficient memory is not available to fulfill the
			request.

     [EOPNOTSUPP]	The file system does not support VOP_ACLCHECK().

SEE ALSO

     acl(9), vnode(9), VOP_GETACL(9), VOP_SETACL(9)

AUTHORS

     This man page was written by Robert Watson.