[1f25cea9] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
| 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
| 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 |
|
---|
[bad63051] | 7 | <!ENTITY acl-download-http "http://download.savannah.gnu.org/releases/acl/acl-&acl-version;.src.tar.gz">
|
---|
[208950b] | 8 | <!ENTITY acl-download-ftp " ">
|
---|
[175af19] | 9 | <!ENTITY acl-md5sum "a61415312426e9c2212bd7dc7929abda">
|
---|
| 10 | <!ENTITY acl-size "384 KB">
|
---|
| 11 | <!ENTITY acl-buildsize "9.1 MB">
|
---|
[1f25cea9] | 12 | <!ENTITY acl-time "0.1 SBU">
|
---|
| 13 | ]>
|
---|
| 14 |
|
---|
| 15 | <sect1 id="acl" xreflabel="acl-&acl-version;">
|
---|
| 16 | <?dbhtml filename="acl.html"?>
|
---|
| 17 |
|
---|
| 18 | <sect1info>
|
---|
| 19 | <othername>$LastChangedBy$</othername>
|
---|
| 20 | <date>$Date$</date>
|
---|
| 21 | </sect1info>
|
---|
| 22 |
|
---|
| 23 | <title>acl-&acl-version;</title>
|
---|
| 24 |
|
---|
| 25 | <indexterm zone="acl">
|
---|
| 26 | <primary sortas="a-acl">acl</primary>
|
---|
| 27 | </indexterm>
|
---|
| 28 |
|
---|
| 29 | <sect2 role="package">
|
---|
| 30 | <title>Introduction to acl</title>
|
---|
| 31 |
|
---|
| 32 | <para>The <application>acl</application> package contains utilities to
|
---|
| 33 | administer Access Control Lists, which are used to define more fine-grained
|
---|
| 34 | discretionary access rights for files and directories.</para>
|
---|
| 35 |
|
---|
[f534f6f] | 36 | &lfs73_checked;
|
---|
[09fde38] | 37 |
|
---|
[1f25cea9] | 38 | <bridgehead renderas="sect3">Package Information</bridgehead>
|
---|
| 39 | <itemizedlist spacing="compact">
|
---|
| 40 | <listitem>
|
---|
| 41 | <para>Download (HTTP): <ulink url="&acl-download-http;"/></para>
|
---|
| 42 | </listitem>
|
---|
[00b2c1b] | 43 | <listitem>
|
---|
[1f25cea9] | 44 | <para>Download (FTP): <ulink url="&acl-download-ftp;"/></para>
|
---|
[0d7900a] | 45 | </listitem>
|
---|
[1f25cea9] | 46 | <listitem>
|
---|
| 47 | <para>Download MD5 sum: &acl-md5sum;</para>
|
---|
| 48 | </listitem>
|
---|
| 49 | <listitem>
|
---|
| 50 | <para>Download size: &acl-size;</para>
|
---|
| 51 | </listitem>
|
---|
| 52 | <listitem>
|
---|
| 53 | <para>Estimated disk space required: &acl-buildsize;</para>
|
---|
| 54 | </listitem>
|
---|
| 55 | <listitem>
|
---|
| 56 | <para>Estimated build time: &acl-time;</para>
|
---|
| 57 | </listitem>
|
---|
| 58 | </itemizedlist>
|
---|
| 59 |
|
---|
| 60 | <bridgehead renderas="sect3">acl Dependencies</bridgehead>
|
---|
| 61 |
|
---|
| 62 | <bridgehead renderas="sect4">Required</bridgehead>
|
---|
| 63 | <para role="required"><xref linkend="attr"/></para>
|
---|
| 64 |
|
---|
| 65 | <para condition="html" role="usernotes">User Notes:
|
---|
| 66 | <ulink url="&blfs-wiki;/acl"/></para>
|
---|
| 67 |
|
---|
| 68 | </sect2>
|
---|
| 69 |
|
---|
| 70 | <sect2 role="installation">
|
---|
| 71 | <title>Installation of acl</title>
|
---|
| 72 |
|
---|
| 73 | <para>Install <application>acl</application> by running the following
|
---|
| 74 | commands:</para>
|
---|
| 75 |
|
---|
[778be14] | 76 | <screen><userinput>sed -i -e 's|/@pkg_name@|&-@pkg_version@|' \
|
---|
[bad63051] | 77 | include/builddefs.in &&
|
---|
[208950b] | 78 |
|
---|
[bcad034] | 79 | INSTALL_USER=root \
|
---|
| 80 | INSTALL_GROUP=root \
|
---|
| 81 | ./configure --prefix=/usr --libdir=/lib --libexecdir=/usr/lib &&
|
---|
[1f25cea9] | 82 | make</userinput></screen>
|
---|
| 83 |
|
---|
| 84 | <para>For meaningful results, the tests need to be carried out on a file
|
---|
| 85 | system that supports extended attributes. It is also required that
|
---|
| 86 | <application>Coreutils</application> is re-installed after
|
---|
| 87 | <application>acl</application> is installed so that the extra acl bit
|
---|
[a52e6d76] | 88 | displays correctly on a <command>ls</command> command.</para>
|
---|
[1f25cea9] | 89 |
|
---|
| 90 | <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
|
---|
| 91 |
|
---|
[bad63051] | 92 | <!-- Package uses DIST_ROOT instead of DESTDIR -->
|
---|
[5ad276c] | 93 | <screen role="root"><userinput>make install install-dev install-lib &&
|
---|
| 94 | chmod -v 0755 /lib/libacl.so.1.1.0 &&
|
---|
| 95 | rm -v /lib/libacl.{a,la,so} &&
|
---|
| 96 | ln -sfv ../../lib/libacl.so.1 /usr/lib/libacl.so &&
|
---|
| 97 | sed -i "s|libdir='/lib'|libdir='/usr/lib'|" /usr/lib/libacl.la &&
|
---|
[bad63051] | 98 | install -v -m644 doc/*.txt /usr/share/doc/acl-&acl-version;</userinput></screen>
|
---|
[1f25cea9] | 99 |
|
---|
[c9354ea0] | 100 | <para>You should now re-install <application><ulink
|
---|
[49b9df3c] | 101 | url="&lfs-root;/chapter06/coreutils.html">Coreutils</ulink>
|
---|
[c9354ea0] | 102 | </application> and proceed to run the test suite.</para>
|
---|
[1f25cea9] | 103 |
|
---|
[de5e135] | 104 | <para>There are three sets of tests that come with this package. The local
|
---|
| 105 | partition where the tests are run must be mounted with acl configured as
|
---|
| 106 | described below. Additionally, the users <systemitem
|
---|
| 107 | class="username">bin</systemitem> and <systemitem
|
---|
| 108 | class="username">daemon</systemitem> must be created or modified to have a
|
---|
| 109 | proper shell and home directory and the group <systemitem
|
---|
| 110 | class="groupname">daemon</systemitem> must be a member of the <systemitem
|
---|
| 111 | class="groupname">bin</systemitem> group. The kernel must also be
|
---|
| 112 | configured with the appropriate ACL options (there are nine different
|
---|
| 113 | options).</para>
|
---|
| 114 |
|
---|
| 115 | <para>To run the standard tests run <command>make tests </command>. As
|
---|
| 116 | <systemitem class="username">root</systemitem> user, run <command>make
|
---|
| 117 | root-tests</command>.</para>
|
---|
| 118 |
|
---|
| 119 | <para>The third set of tests are Network File System (NFS) specific. See
|
---|
| 120 | the contents of the test files in the test/nfs/ directory for the setup
|
---|
| 121 | requirements.</para>
|
---|
[1f25cea9] | 122 |
|
---|
| 123 | </sect2>
|
---|
| 124 |
|
---|
[10033899] | 125 | <sect2 role="commands">
|
---|
| 126 | <title>Command Explanations</title>
|
---|
| 127 |
|
---|
| 128 | <para><command>sed -i ... include/builddefs.in</command>: This command
|
---|
[bad63051] | 129 | modifies the documentation directory so that it is a versioned
|
---|
| 130 | directory.</para>
|
---|
[10033899] | 131 |
|
---|
[a5a3255] | 132 | <para><command>sed -i ... /usr/lib/libacl.la</command>: This command
|
---|
[ff43ebb] | 133 | corrects the location of the installed static library as referenced
|
---|
[a5a3255] | 134 | in the libtool archive.</para>
|
---|
| 135 |
|
---|
[10033899] | 136 | </sect2>
|
---|
| 137 |
|
---|
[1f25cea9] | 138 | <sect2 role="configuration">
|
---|
[208950b] | 139 | <title>Configuring acl</title>
|
---|
[1f25cea9] | 140 | <sect3><title>Configuration Information</title>
|
---|
| 141 |
|
---|
| 142 | <para>There is no configuration to <application>acl</application> itself,
|
---|
| 143 | but to get any use out of <application>acl</application>, a filesystem
|
---|
| 144 | needs to support access control lists.</para>
|
---|
| 145 |
|
---|
| 146 | <para>One way to achieve this is to add the acl option to an ext3
|
---|
[208950b] | 147 | filesystem in the <filename>/etc/fstab</filename> file as shown
|
---|
| 148 | below:</para>
|
---|
[1f25cea9] | 149 |
|
---|
| 150 | <screen># file system mount-point type options dump fsck
|
---|
| 151 | # order
|
---|
| 152 |
|
---|
| 153 | /dev/sda1 / ext3 defaults,acl,user_xattr 0 2</screen>
|
---|
| 154 |
|
---|
| 155 | </sect3>
|
---|
| 156 |
|
---|
| 157 | </sect2>
|
---|
| 158 |
|
---|
| 159 | <sect2 role="content">
|
---|
| 160 | <title>Contents</title>
|
---|
| 161 |
|
---|
| 162 | <segmentedlist>
|
---|
| 163 | <segtitle>Installed Programs</segtitle>
|
---|
| 164 | <segtitle>Installed Library</segtitle>
|
---|
[2bb9a3a] | 165 | <segtitle>Installed Directories</segtitle>
|
---|
[1f25cea9] | 166 |
|
---|
| 167 | <seglistitem>
|
---|
| 168 | <seg>chacl, getfacl, and setfacl</seg>
|
---|
| 169 | <seg>libacl.{so,a}</seg>
|
---|
| 170 | <seg>/usr/{include/acl,share/doc/acl-&acl-version;}</seg>
|
---|
| 171 | </seglistitem>
|
---|
| 172 | </segmentedlist>
|
---|
| 173 |
|
---|
| 174 | <variablelist>
|
---|
| 175 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
| 176 | <?dbfo list-presentation="list"?>
|
---|
| 177 | <?dbhtml list-presentation="table"?>
|
---|
| 178 |
|
---|
| 179 | <varlistentry id="chacl">
|
---|
| 180 | <term><command>chacl</command></term>
|
---|
| 181 | <listitem>
|
---|
| 182 | <para>changes the access control list of a file or directory.</para>
|
---|
| 183 | <indexterm zone="acl chacl">
|
---|
| 184 | <primary sortas="b-chacl">chacl</primary>
|
---|
| 185 | </indexterm>
|
---|
| 186 | </listitem>
|
---|
| 187 | </varlistentry>
|
---|
| 188 |
|
---|
| 189 | <varlistentry id="getfacl">
|
---|
| 190 | <term><command>getfacl</command></term>
|
---|
| 191 | <listitem>
|
---|
| 192 | <para>gets file access control lists.</para>
|
---|
| 193 | <indexterm zone="acl getfacl">
|
---|
| 194 | <primary sortas="b-getfacl">getfacl</primary>
|
---|
| 195 | </indexterm>
|
---|
| 196 | </listitem>
|
---|
| 197 | </varlistentry>
|
---|
| 198 |
|
---|
| 199 | <varlistentry id="setfacl">
|
---|
| 200 | <term><command>setfacl</command></term>
|
---|
| 201 | <listitem>
|
---|
| 202 | <para>sets file access control lists.</para>
|
---|
| 203 | <indexterm zone="acl setfacl">
|
---|
| 204 | <primary sortas="b-setfacl">setfacl</primary>
|
---|
| 205 | </indexterm>
|
---|
| 206 | </listitem>
|
---|
| 207 | </varlistentry>
|
---|
| 208 |
|
---|
| 209 | <varlistentry id="libacl">
|
---|
| 210 | <term><filename class='libraryfile'>libacl.{so,a}</filename></term>
|
---|
| 211 | <listitem>
|
---|
| 212 | <para>contains the <application>acl</application> API functions.</para>
|
---|
| 213 | <indexterm zone="acl libacl">
|
---|
| 214 | <primary sortas="c-libacl">libacl.{so,a}</primary>
|
---|
| 215 | </indexterm>
|
---|
| 216 | </listitem>
|
---|
| 217 | </varlistentry>
|
---|
| 218 |
|
---|
| 219 | </variablelist>
|
---|
| 220 |
|
---|
| 221 | </sect2>
|
---|
| 222 |
|
---|
| 223 | </sect1>
|
---|