Expand description
posix-acl is a Rust library to interact with POSIX file system Access Control Lists (ACL). It wraps the operating system’s C interface with a safe Rust API. The API is deliberately different from the POSIX C API to make it easier to use.
NB! Currently only tested on Linux.
While officially called a “list”, The main struct PosixACL implements a “mapping-like”
interface where key is the Qualifier enum and value is u32 containing permission bits.
This is without any loss of functionality, as duplicate entries with the same Qualifier are
disallowed by POSIX anyway.
For background information about ACL behavior, read POSIX Access Control Lists on Linux.
Usage example
use posix_acl::{PosixACL, Qualifier, ACL_READ, ACL_WRITE};
// Read ACL from file (if there is no ACL yet, the OS will synthesize one)
let mut acl = PosixACL::read_acl("/tmp/posix-acl-testfile").unwrap();
// Get permissions of owning user of the file
let perm = acl.get(Qualifier::UserObj).unwrap();
assert_eq!(perm, ACL_READ | ACL_WRITE);
// Get permissions for user UID 1234
let perm = acl.get(Qualifier::User(1234));
assert!(perm.is_none());
// Grant read access to group GID 1234 (adds new entry or overwrites an existing entry)
acl.set(Qualifier::Group(1234), ACL_READ);
// Remove ACL entry of group GID 1234
acl.remove(Qualifier::Group(1234));
// Write ACL back to the file
acl.write_acl("/tmp/posix-acl-testfile").unwrap();Structs
- Returned from
PosixACL::entries(). - The ACL of a file.
Enums
- Error type from ACL operations. To distinguish different causes, use the
kind()method. - The subject of a permission grant.
Constants
- Execute permission
- Read permission
- All possible permissions combined:
ACL_READ | ACL_WRITE | ACL_EXECUTE - Write permission