42 lines
1.7 KiB
Plaintext
42 lines
1.7 KiB
Plaintext
The more common entry appears first if multiple rights allow an
|
|
operation. The operation identifier appears second.
|
|
|
|
Object File Directory* Link* Meaning
|
|
A A A Aa Administer ACL
|
|
VYA VYA VYA VvAa View ACL
|
|
L Ll List link
|
|
Rg RG RQ RrQ Read link, get attribute or file
|
|
Wu Ww WM WmM Modify attribute, data, links
|
|
DzWu DKWM DdKWMm Delete link or attribute
|
|
EiWu EeWw EIWM Insert attributes or links, append (extend)
|
|
>) >) >) >] Add rights (that follow the symbol)
|
|
<( <( <( <[ Remove rights (that follow the symbol)
|
|
|
|
Note that there used to be a B right, which you should consider as
|
|
equivalent to A, but you should avoid using it.
|
|
|
|
The following only appear on the server maintenance ACL
|
|
|
|
S Restart server
|
|
T Terminate server
|
|
U Update system information
|
|
P Administer passwords
|
|
p P Add new password entry
|
|
|
|
A "-" sign in an ACL entry means that the specified rights are
|
|
explicitly denied.
|
|
|
|
* A small letter on a directory ACL means that this right applies by
|
|
default for links in the directory that do not specify their own
|
|
ACL or that include the directory ACL. A capital letter on a link
|
|
ACL is ignored.
|
|
|
|
** When restrictions are supported, they can be used to restrict the
|
|
specific attributes to which a right applies, or to restrict the
|
|
interpretation of an ACL entry to only the Object, File, or Directory,
|
|
or link.
|
|
|
|
Note that OBJECT, FILE, and DIRECTORY ACLs are stored in the same
|
|
place, and share the same access control list (well, directory is
|
|
different for now, but will eventually be merged).
|