Working with Access Control Lists (ACLs)

QNX SDP8.0Programmer's GuideDeveloper

Some filesystems, such as the Power-Safe (fs-qnx6.so) filesystem, extend file permissions with Access Control Lists, which are based on the withdrawn IEEE POSIX 1003.1e and 1003.2c draft standards.

As described in Access Control Lists (ACLs) in the QNX OS User's Guide, ACLs extend the traditional permissions as set with chmod, giving you finer control over who has access to your files and directories.

Note:
  • The POSIX draft also describes default ACLs that specify the initial ACL for new objects created within a directory. Default ACLs aren't currently implemented.
  • The cp utility doesn't copy any ACL that the source file has, but if the destination file already exists and has an ACL, its ACL is preserved.

If you're using the command line, you can use the getfacl and setfacl utilities to get and set the ACL for a file or directory, but there are also ways to manipulate ACLs from a program.

Let's start with the ways that an ACL can be represented, and then we'll look at how to work with them.

Page updated: