[ Previous | Next | Contents | Glossary | Home | Search ]
AIX Version 4.3 Commands Reference, Volume 1

aclget Command

Purpose

Displays the access control information of a file.

Syntax

aclget [ -o OutFile ] File

Description

The aclget command writes the access control information of the file specified by the File parameter to standard output or to the file specified by the OutFile parameter.

The information that you view includes attributes, base permissions, and extended permissions. To see an example of access control information, refer to Access Control List.

Flags

-o OutFile Specifies that the access control information be written to the file specified by the OutFile parameter.

Security

Access Control: This command should be a standard user program and have the trusted computing base attribute.

Access Control Lists

In an access control list, attributes, base and extended permissions are in the following format:

Attributes: ( SUID | SGID | SVTX )
Base Permissions:
Owner (name): Mode
Group (group): Mode
Others: Mode
Extended Permissions: ( Enabled | Disabled )
Permit  Mode   u:Username,g:groupname
Deny    Mode   u:Username,g:groupname
Specify Mode   u:Username,g:groupname

The access modes are: read (r), write (w), and execute/search (x), with the Mode parameter expressed as rwx (with a dash replacing each unspecified permission)

For example, the following ACL indicates that the file belongs to user user1 and the group staff. In addition, the user user2 has read access for the file:

Attributes:
Base Permissions:
Owner (user1): rw-
Group (group): r--
Others: ---
Extended Permissions:  Enabled 
Permit  r--   u:user2

The following ACL indicates that the file belongs to same user the group, but in this example, every other user has read access except for user2:

Attributes:
Base Permissions:
Owner (user1): rw-
Group (group): r--
Others: r--
Extended Permissions:  Enabled 
Deny  r--   u:user2

Examples

  1. To display the access control information for the status file, enter: 
    aclget  status
    An access control list appears, similar to the example in Access Control Lists.
  2. To copy the access control information of the plans file to the status file, enter: 
    aclget  plans  |  aclput  status
    This copies the access control information.
  3. To save the access control information of the plans file in the acl1 file to edit and use later, enter: 
    aclget  -o  acl1  plans

Files

/usr/bin/aclget Contains the aclget command.

Related Information

The acledit command, aclput command, chmod command.

Access Control Lists in AIX Version 4.3 System User's Guide: Operating System and Devices.

The Auditing Overview in AIX Version 4.3 System Management Guide: Operating System and Devices explains more about audits and audit events.

For more information about the identification and authentication of users, discretionary access control, the trusted computing base, and auditing, refer to Security Introduction in AIX Version 4.3 System Management Guide: Operating System and Devices.

[ Previous | Next | Contents | Glossary | Home | Search ]