PreviousNext

DACL Management Interface (rdaclif) Operations

The rdacl_lookup( ) operation retrieves an ACL of an object in the security server. Review of ACL associated with an object in security server is allowed if the caller has any access to the object.

Event Type (Event Number, Event Classes)
ACL_Lookup (0x105, dce_sec_control, dce_sec_query)

Event-Specific Information
char *component_name
uuid_t manager_type
sec_acl_type_t acl_type

The rdacl_replace( ) operation replaces the ACL of an object in the security server. The client must have the sec_acl_perm_owner permission for the update to be carried out.

Event Type (Event Number, Event Classes)
ACL_Replace (0x106, dce_sec_control, dce_sec_modify)

Event-Specific Information
char *component_name
uuid_t manager_type
sec_acl_type_t acl_type
sec_acl_list_t old_acl_list
sec_acl_list_t new_acl_list

The rdacl_get_access( ) operation determines the callers access to a specified object. This call is authorized if the caller has any access to the object.

Event Type (Event Number, Event Classes)
ACL_GetAccess (0x107, dce_sec_control, dce_sec_query)

Event-Specific Information
char *component_name
uuid_t manager_type
sec_acl_permset_t net_rights

The rdacl_test_access( ) operation determines if the caller has the requested access. The return value of the call indicates whether the caller has the requested access to the object.

Event Type (Event Number, Event Classes)
ACL_TestAccess (0x108, dce_sec_control, dce_sec_query)

Event-Specific Information
char *component_name
uuid_t manager_type
sec_acl_permset_t desired_permset

The rdacl_get_manager_types( ) operation lists the types (UUIDs) of ACLs protecting an object. The caller must have some permissions on the object for each of the manager types that is defined for the object. Otherwise, no manager type is returned.

Event Type (Event Number, Event Classes)
ACL_GetMgrTypes (0x10A, dce_sec_control, dce_sec_query)

Event-Specific Information
char *component_name
sec_acl_type_t acl_type

The rdacl_get_referral( ) operation obtains a referral to an ACL update site. This function is used when the current ACL site yields a sec_acl_site_readonly error. Some replication managers require all updates for a given object to be directed to a given replica. Clients of the generic ACL interface may know they are dealing with an object that is replicated in this way. This function allows them to recover from this problem and rebind to the correct update site. The client is required to have execute access on the parent of the object named by component_name.

Event Type (Event Number, Event Classes)
ACL_GetReferral (0x10B, dce_sec_control, dce_sec_query)

Event-Specific Information
char *component_name
uuid_t manager_type
sec_acl_type_t sec_acl_type