[−][src]Function exacl::setfacl
pub fn setfacl<P, O>(
paths: &[P],
entries: &[AclEntry],
options: O
) -> Result<()> where
P: AsRef<Path>,
O: Into<Option<AclOption>>,
Set access control list (ACL) for specified files and directories.
Sets the ACL for the specified paths using the given access control entries. The semantics and permissions of the access control list depend on the underlying platform.
macOS
The ACL contains extended entries beyond the usual mode permission bits. An entry may allow or deny access to a specific user or group. To specify inherited entries, use the provided Flag values.
macOS Example
use exacl::{setfacl, AclEntry, Flag, Perm}; let entries = vec![ AclEntry::allow_user("some_user", Perm::READ | Perm::WRITE, None), AclEntry::deny_group("some_group", Perm::WRITE, None) ]; setfacl(&["./tmp/foo"], &entries, None)?;
Linux
Each entry can only allow access; denying access using allow=false is not supported on Linux.
The ACL must contain entries for the permssion modes of the file. Use
the AclEntry::allow_other
and AclEntry::allow_mask
functions to
specify the mode's other and mask permissions. Use "" as the name for the
file owner and group owner.
If an ACL contains a named user or group, there should be a
AclEntryKind::Mask
entry included. If a one entry is not provided, one
will be computed.
The access control entries may include entries for the default ACL, if one
is desired. When setfacl
is called with no Flag::DEFAULT
entries, it
deletes the default ACL.
Linux Example
use exacl::{setfacl, AclEntry, Flag, Perm}; let entries = vec![ AclEntry::allow_user("", Perm::READ | Perm::WRITE, None), AclEntry::allow_group("", Perm::READ, None), AclEntry::allow_other(Perm::empty(), None), AclEntry::allow_user("some_user", Perm::READ | Perm::WRITE, None), ]; setfacl(&["./tmp/foo"], &entries, None)?;
Errors
Returns an io::Error
on failure.