03/31/83 l_set_acl, lsa Syntax: lsa path mode1 {User_id1 ... modeN User_idN} {-control_args} Function: This command manipulates the access control lists (ACLs) of ring 1 segments and multisegment files. See "Access Control" in the Programmer's Reference Manual for a discussion of ACLs. Arguments: path is the pathname of a segment, multisegment file, or directory. If it is -working_directory (-wd), the working directory is assumed. The star convention can be used and applies to either segments and multisegment files or directories, depending on the type of mode specified in mode1. mode1 is a valid access mode. For segments or multisegment files, any or all of the "rew" letters; for directories, any or all of the "sma" letters with the requirement that if modify is present, status must also be present. Use null, "n" or "" to specify null access. User_id1 is an access control name that must be of the form Person_id.Project_id.tag. All ACL entries with matching names receive the mode mode1. (For a description of the matching strategy, see "Notes" below.) If no match is found and all three components are present, an entry is added to the ACL. If the last mode1 has no User_id following it, the Person_id of the user and current Project_id are assumed. Control arguments: -directory, -dr specifies that only directories are affected. -segment, -sm specifies that only segments and multisegment files are affected. This is the default. Either control argument is used to resolve an ambiguous choice between segments and directories that occurs only when mode1 is null and the star convention is used in path. Notes: The arguments are processed from left to right. Therefore, the effect of a particular pair can be changed by a later pair of arguments. The user needs modify permission on the containing directory. The strategy for matching an access control name argument is defined by three rules: 1. A literal component, including "*", matches only a component of the same name. 2. A missing component not delimited by a period is treated the same as a literal "*" (e.g., "*.Multics" is treated as "*.Multics.*"). Missing components on the left must be delimited by periods. 3. A missing component delimited by a period matches any component. Some examples of User_ids and the ACL entries they match are: *.*.* matches only the literal ACL entry "*.*.*". Multics matches only the ACL entry "Multics.*.*". (The absence of a leading period makes Multics the first component.) JRSmith.. matches any ACL entry with a first component of JRSmith." .. matches any ACL entry. . matches any ACL entry with a last component of *. "" (null string) matches any ACL entry ending in ".*.*". Examples: The command line: lsa *.pl1 rew * adds to the ACL of every segment in the working directory that has a two-component name with a second component of pl1 an entry with rew mode to *.*.* (everyone) if that entry does not exist; otherwise, it changes the mode of the *.*.* entry to rew. The command line: lsa -wd sm Jones.Faculty adds to the ACL of the working directory an entry with sm mode for Jones.Faculty.* if that entry does not exist; otherwise, it changes the mode of the Jones.Faculty.* entry to sm. ----------------------------------------------------------- Historical Background This edition of the Multics software materials and documentation is provided and donated to Massachusetts Institute of Technology by Group BULL including BULL HN Information Systems Inc. as a contribution to computer science knowledge. This donation is made also to give evidence of the common contributions of Massachusetts Institute of Technology, Bell Laboratories, General Electric, Honeywell Information Systems Inc., Honeywell BULL Inc., Groupe BULL and BULL HN Information Systems Inc. to the development of this operating system. Multics development was initiated by Massachusetts Institute of Technology Project MAC (1963-1970), renamed the MIT Laboratory for Computer Science and Artificial Intelligence in the mid 1970s, under the leadership of Professor Fernando Jose Corbato. Users consider that Multics provided the best software architecture for managing computer hardware properly and for executing programs. Many subsequent operating systems incorporated Multics principles. Multics was distributed in 1975 to 2000 by Group Bull in Europe , and in the U.S. by Bull HN Information Systems Inc., as successor in interest by change in name only to Honeywell Bull Inc. and Honeywell Information Systems Inc. . ----------------------------------------------------------- Permission to use, copy, modify, and distribute these programs and their documentation for any purpose and without fee is hereby granted,provided that the below copyright notice and historical background appear in all copies and that both the copyright notice and historical background and this permission notice appear in supporting documentation, and that the names of MIT, HIS, BULL or BULL HN not be used in advertising or publicity pertaining to distribution of the programs without specific prior written permission. Copyright 1972 by Massachusetts Institute of Technology and Honeywell Information Systems Inc. Copyright 2006 by BULL HN Information Systems Inc. Copyright 2006 by Bull SAS All Rights Reserved