sec_acl_replace-Apply ("write") ACLs to a protected object.
#include <dce/daclif.h>
void sec_acl_replace(
sec_acl_handle_t prot_obj_handle,
uuid_t *manager_type,
sec_acl_type_t acl_type,
sec_acl_list_t *acl_list,
error_status_t *status);
Input
- prot_obj_handle
Handle to a protected object.
- manager_type
An ACL manager type UUID to the protected object.
- acl_type
An ACL type of the protected object.
- acl_list
New ACLs to be applied.
Output
- status
Completion status. On successful completion, error_status_ok is returned. Otherwise, an error (!= error_status_ok) is returned.
Thesec_acl_replace() routine replaces the ACL managed by the specified ACL manager on the specified protected object, by the new ACL.
Thesec_acl_replace() routine replaces the currently existing ACLs on the protected object with the specified new ones.It is to be noted that the "currently existing ACLs" may not be the same as the "old ACLs" previously returned by
sec_acl_lookup() , because an interveningsec_acl_replace() may have already replaced the old ACL on the protected object (that is, no locking/transactional semantics are supported to prevent this from happening).This routine is "atomic", in the sense that it deals with whole ACLs at a time, not with individual ACLEs. Also, this routine is uninterruptible by other invocations of itself (because interruptibility could compromise consistency of ACLs).
Implementations layer this routine over the rdacl RPC interface operation
rdacl_replace() .
error_status_ok, sec_acl_unknown_manager_type.
Functions:sec_acl_bind() ,sec_acl_bind_to_addr() ,sec_acl_get_manager_types() ,sec_acl_get_manager_types_semantics() ,sec_acl_lookup() .Protocols:
sec_acl_replace() .
Contents | Next section | Index |