sec_acl_replace-Apply ("write") ACLs to a protected object.
#include <dce/daclif.h> void sec_acl_replace( sec_acl_handle_t prot_obj_handle, uuid_t *manager_type, sec_acl_type_t acl_type, sec_acl_list_t *acl_list, error_status_t *status);
Handle to a protected object.
An ACL manager type UUID to the protected object.
An ACL type of the protected object.
New ACLs to be applied.
Completion status. On successful completion, error_status_ok is returned. Otherwise, an error (!= error_status_ok) is returned.
sec_acl_replace()routine replaces the ACL managed by the specified ACL manager on the specified protected object, by the new ACL.
sec_acl_replace()routine replaces the currently existing ACLs on the protected object with the specified new ones.
It is to be noted that the "currently existing ACLs" may not be the same as the "old ACLs" previously returned by
sec_acl_lookup(), because an intervening sec_acl_replace()may have already replaced the old ACL on the protected object (that is, no locking/transactional semantics are supported to prevent this from happening).
This routine is "atomic", in the sense that it deals with whole ACLs at a time, not with individual ACLEs. Also, this routine is uninterruptible by other invocations of itself (because interruptibility could compromise consistency of ACLs).
Implementations layer this routine over the rdacl RPC interface operation
sec_acl_bind(), sec_acl_bind_to_addr(), sec_acl_get_manager_types(), sec_acl_get_manager_types_semantics(), sec_acl_lookup().